search

peterolson / BigInteger.js

An arbitrary length integer library for Javascript
The Unlicense
1.12k stars 187 forks source link

Command Injection vulnarability in lodash - please, update the deps #216

Closed npetrovski closed 2 years ago

npetrovski commented 3 years ago

lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

https://github.com/advisories/GHSA-35jh-r3h4-6jhm

peterolson commented 2 years ago

Fixed by #219