[x3d-public] Fwd: A new security advisory on lodash affects 6 of your repositories

John Carlson yottzumm at gmail.com
Sun Jul 19 09:45:53 PDT 2020


FYI, there’s a security advisory against many of my repositories.   I don’t
see any patches yet.   While I don’t use lodash directly, some of my
dependencies may.

---------- Forwarded message ---------
From: GitHub <noreply at github.com>
Date: Sun, Jul 19, 2020 at 7:45 AM
Subject: A new security advisory on lodash affects 6 of your repositories
To: John Carlson <yottzumm at gmail.com>


A new security advisory was published
[image: GitHub] <https://github.com>
A new security advisory was published

We found a vulnerable dependency in repositories you have security alert
access to.

Security advisory GHSA-p6mc-m468-83gw
<https://github.com/advisories/GHSA-p6mc-m468-83gw> (low severity) affects 6
repositories:
lodash (npm) used in 6 repositories
[image: @coderextreme] coderextreme/oratorsheart
View alert
<https://github.com/coderextreme/oratorsheart/network/alert/package-lock.json/lodash/open>
[image: @coderextreme] coderextreme/busyvine
View alert
<https://github.com/coderextreme/busyvine/network/alert/package-lock.json/lodash/open>
[image: @coderextreme] coderextreme/X3DJSONLD
View alert
<https://github.com/coderextreme/X3DJSONLD/network/alert/package-lock.json/lodash/open>
[image: @coderextreme] coderextreme/pythonSAI
View alert
<https://github.com/coderextreme/pythonSAI/network/alert/package-lock.json/lodash/open>
[image: @coderextreme] coderextreme/X3DESSAIL
View alert
<https://github.com/coderextreme/X3DESSAIL/network/alert/package-lock.json/lodash/open>
[image: @coderextreme] coderextreme/x3djson
View alert
<https://github.com/coderextreme/x3djson/network/alert/package-lock.json/lodash/open>
------------------------------

Email preferences
<https://github.com/settings/notifications#vulnerability-alerts-heading> ·
Terms <https://help.github.com/articles/github-terms-of-service/> · Privacy
<https://help.github.com/articles/github-privacy-policy/> · Sign into GitHub
<https://github.com/login>

GitHub, Inc.
88 Colin P Kelly Jr St.
<https://www.google.com/maps/search/88+Colin+P+Kelly+Jr+St.+San+Francisco,+CA+94107?entry=gmail&source=g>
San Francisco, CA 94107
<https://www.google.com/maps/search/88+Colin+P+Kelly+Jr+St.+San+Francisco,+CA+94107?entry=gmail&source=g>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://web3d.org/pipermail/x3d-public_web3d.org/attachments/20200719/0b74f27f/attachment-0001.html>


More information about the x3d-public mailing list