Closed Udith-Murali closed 2 years ago
HIGH SEVERITY vulnerability issue Command Injection Vulnerable module: lodash.template Introduced through: lodash.template@4.5.0 Detailed paths Introduced through: react-native-vector-icons@9.0.0 › lodash.template@4.5.0 Overview lodash.template is a The Lodash method _.template exported as a Node.js module.
Affected versions of this package are vulnerable to Command Injection via template
Hoping a fix asap in the upcoming version.
It's not a runtime dep, so no real security issue
Fixed in 9.1.0
HIGH SEVERITY vulnerability issue Command Injection Vulnerable module: lodash.template Introduced through: lodash.template@4.5.0 Detailed paths Introduced through: react-native-vector-icons@9.0.0 › lodash.template@4.5.0 Overview lodash.template is a The Lodash method _.template exported as a Node.js module.
Affected versions of this package are vulnerable to Command Injection via template
Hoping a fix asap in the upcoming version.