privilegedescalation/headlamp-kube-vip-plugin

fix: override lodash >=4.18.0 to patch code injection vulnerability #40

Merged

privilegedescalation-engineer[bot] merged 2 commits from fix/lodash-cve-ghsa-r5fr-rjxr-66jc into main

2026-05-03 23:24:52 +00:00

2 changed files with 404 additions and 403 deletions

									
										package.json
									
		+1
		
												View File
												
				@@ -32,6 +32,7 @@

				  "overrides": {

				    "tar": "^7.5.11",

				    "undici": "^7.24.3",

				    "lodash": ">=4.18.0",

				    "vite": ">=6.4.2"

				  },

				  "devDependencies": {

pnpm-lock.yaml

Generated

+403 -403

View File

File diff suppressed because it is too large Load Diff