Update dependency lodash to v4.17.21 (master) #850

Security Report

❗️Scan Warnings: The scan completed with warnings. The integration encountered issues with one or more projects in this repository. Consequently, there may be gaps in the coverage of open-source dependencies used in the repository.

general

https://vonagecc.jfrog.io/artifactory

Step	Level	Description	Details
Checking registry connectivity	⚠Warn	Unsupported configuration was provided	Unsupported registry hostType gradle, skipped

https://vonagecc.jfrog.io/artifactory/maven

Step	Level	Description	Details
Checking registry connectivity	⚠Warn	Unsupported configuration was provided	Unsupported registry hostType gradle, skipped

You have successfully remediated 2 vulnerabilities, but introduced 1 new vulnerabilities in this branch.

❌ New vulnerabilities:

CVE	Severity	CVSS Score	Exploit Maturity	EPSS	Vulnerable Library	Suggested Fix	Issue	Reachability
CVE-2018-3721 Path to dependency file: /package.json Path to vulnerable library: /node_modules/grunt-bower-task/node_modules/lodash/package.json Dependency Hierarchy: -> grunt-bower-task-0.5.0.tgz (Root Library) -> ❌ lodash-0.10.0.tgz (Vulnerable Library)	Medium	6.5	Not Defined	0.1%	lodash-0.10.0.tgz	Upgrade to version: lodash 4.17.5	#796	Unreachable

✔️ Remediated vulnerabilities:

CVE	Vulnerable Library
CVE-2021-23337	lodash-4.17.20.tgz
CVE-2020-28500	lodash-4.17.20.tgz

Base branch total remaining vulnerabilities: 46
Base branch commit: null

Total libraries scanned: 577

Scan token: 9d56121c6e7d4e7b8fce44658c278886

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update dependency lodash to v4.17.21 (master) #850

Update dependency lodash to v4.17.21 (master) #850

Security Report

general

https://vonagecc.jfrog.io/artifactory

https://vonagecc.jfrog.io/artifactory/maven

Re-running checks...

Update dependency lodash to v4.17.21 (master) #850

Are you sure you want to change the base?