From ce722cb141c307a544f4731202ce7547b9edd3c3 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 26 Jan 2026 00:53:05 +0000 Subject: [PATCH] fix: javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/src-vulnerable-lodash/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-567746 --- .../src-vulnerable-lodash/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/src-vulnerable-lodash/package.json b/javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/src-vulnerable-lodash/package.json index bdc06dcd8b13..8ab13fff9c04 100644 --- a/javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/src-vulnerable-lodash/package.json +++ b/javascript/ql/test/query-tests/Security/CWE-915/PrototypePollutingMergeCall/src-vulnerable-lodash/package.json @@ -1,5 +1,5 @@ { "dependencies": { - "lodash": "4.17.4" + "lodash": "4.17.20" } }