yingye / rollup-plugin-banner

Rollup plugin to append content before js bundle.
MIT License

fix: vulnerabilities in lodash.template < 4.5.0 #4

Closed Cycymomo closed 1 year ago

Cycymomo commented 5 years ago

There is a vulnerability in "lodash.template" < "^4.5.0". To get rid of security alerts, we should use version 4.5.0 at least.

CVE-2019-10744
critical severity
Vulnerable versions: < 4.5.0
Patched version: 4.5.0
Affected versions of lodash are vulnerable to Prototype Pollution.
The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.

https://nvd.nist.gov/vuln/detail/CVE-2019-10744
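The advisory above describes a deep-merge (`defaultsDeep`) being steered onto `Object.prototype` through a `constructor`/`prototype` path. The following is an added example, not code from rollup-plugin-banner or lodash: a `defaultsDeep`-style merge that refuses those keys, plus a probe a test suite can run to confirm `Object.prototype` was not modified. `safeDefaultsDeep`, `prototypeIsClean` and the JSON payload are constructed for this illustration.

```javascript
// Keys through which a merge on a plain object can reach Object.prototype.
const BLOCKED_KEYS = new Set(["__proto__", "constructor", "prototype"]);

function isPlainObject(value) {
  if (value === null || typeof value !== "object") return false;
  const proto = Object.getPrototypeOf(value);
  return proto === Object.prototype || proto === null;
}

// Hypothetical hardened counterpart of lodash's defaultsDeep: fill in
// properties of `target` that are still undefined, recursing into nested
// plain objects. Only own enumerable keys of each source are read (so a
// JSON-supplied "__proto__" is seen and rejected), and blocked keys are
// skipped instead of being walked or assigned.
function safeDefaultsDeep(target, ...sources) {
  for (const source of sources) {
    if (!isPlainObject(source)) continue;
    for (const key of Object.keys(source)) {
      if (BLOCKED_KEYS.has(key)) continue;
      const value = source[key];
      if (isPlainObject(value)) {
        if (!isPlainObject(target[key])) {
          if (target[key] !== undefined) continue; // keep existing scalar
          target[key] = {};
        }
        safeDefaultsDeep(target[key], value);
      } else if (target[key] === undefined) {
        target[key] = value;
      }
    }
  }
  return target;
}

// Probe for pollution: a fresh object should not see `probeKey` anywhere
// on its prototype chain.
function prototypeIsClean(probeKey = "polluted") {
  return !(probeKey in {});
}

// Constructed input of the shape the advisory describes (a "constructor
// payload"), merged with an ordinary defaults object.
const constructedPayload = JSON.parse(
  '{"constructor":{"prototype":{"polluted":true}}}'
);
const merged = safeDefaultsDeep({ a: 1 }, constructedPayload, { b: { c: 3 } });
if (!prototypeIsClean()) throw new Error("Object.prototype was modified");
console.log(merged, "prototype clean:", prototypeIsClean());
```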