Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The version of redux in use here is using an old version of lodash-es which causes a security vulnerability #34

Open
shusak opened this issue Jan 11, 2019 · 0 comments
Open

The version of redux in use here is using an old version of lodash-es which causes a security vulnerability #34

shusak opened this issue Jan 11, 2019 · 0 comments

Comments

@shusak
Copy link

shusak commented Jan 11, 2019

Recent scans of this component have shown that the version of redux it depends on has a security vulnerability in the version lodash-es in use:

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-3721

Can this component move to redux 4.0.1? (or whatever latest is)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@shusak