Dependency Underscore -1.9.1 has CRITICAL Vulnerability - Arbitrary Code Execution in underscore which has patched in >=1.12.1 versions of underscore #1817
Assignees
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
when I use this package react-bootstrap-table-next in create-react-app project.
when checking for vulnerabilities in the terminal
I am encountering this error
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Critical │ Arbitrary Code Execution in underscore │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ underscore │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=1.12.1 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ react-bootstrap-table-next │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ react-bootstrap-table-next > underscore │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ GHSA-cf4h-3jhx-xvhq
├───────────────┼───────────────────────────────────────
The text was updated successfully, but these errors were encountered: