•  
      request #35871 Ignore lodash.pick CVE-2020-8203
    Infos
    #35871
    Thomas Gerbet (tgerbet)
    2024-01-25 15:40
    2024-01-25 09:28
    37473
    Details
    Ignore lodash.pick CVE-2020-8203

    It is a prototype pollution issue which is not really a problem for our context (used in gettext extraction pipeline of the Angular tooling).
    We cannot upgrade it because the whole tooling is outdated.

    Dev tools
    Empty
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Thomas Gerbet (tgerbet)
    Closed
    2024-01-25
    Attachments
    Empty
    References

    Follow-ups