La versión de Lo-dash tiene una vulnerabilidad de seguridad de alta severidad

j.jaffeux · 17 Mayo, 2019 05:42

Ok I go tricked by a combination of things…

Most notably yarn global add will 4.17.5 no matter what… You have to install it from git repo:

➜  Projects yarn global add https://github.com/lodash-archive/lodash-cli
yarn global v1.16.0
[1/4] 🔍  Resolving packages...
[2/4] 🚚  Fetching packages...
[3/4] 🔗  Linking dependencies...
[4/4] 🔨  Building fresh packages...
success Installed "lodash-cli@4.17.11" with binaries:
      - lodash
✨  Done in 5.90s.

Will be fixed by:

Thanks.

Tema		Respuestas	Vistas
Vulnerabilities in the official Docker image Development	1	881	19 Mayo 2023
Lodash.js missing Support unsupported-install	6	712	16 Octubre 2020
3.2.4: Security and bug fix release Announcements release-notes	0	349	15 Julio 2024
Unable to find discourse version 2.9.0.beta6 Support	4	655	4 Julio 2022
Vulnerability patching of npm/gem dependencies in discourse Self-hosting docker	2	122	13 Octubre 2025

La versión de Lo-dash tiene una vulnerabilidad de seguridad de alta severidad

Temas relacionados