Newman: Vulnerabilities in your dependencies: Lodash - Prototype Pollution

Created on 23 Jul 2019  路  3Comments  路  Source: postmanlabs/newman
  1. Newman Version (can be found via newman -v): 4.5.1
  2. OS details (type, version, and architecture): macOSX 64bit
  3. Are you using Newman as a library, or via the CLI?: library
  4. Did you encounter this recently, or has this bug always been there: recent npm audit
  5. Expected behaviour:
  6. Command / script used to run Newman:
  7. Sample collection, and auxiliary files (minus the sensitive details):
  8. Screenshots (if applicable):

Steps to reproduce the problem:

  1. npm install newman
  2. npm audit

image

picture Pixcell
👍1

Most helpful comment

What is preventing this security fix from being released?

picture ZebraFlesh on 30 Jul 2019
👍3

All 3 comments

The change is merged in develop branch here but just not released yet

ipmsteven picture ipmsteven on 29 Jul 2019

What is preventing this security fix from being released?

ZebraFlesh picture ZebraFlesh on 30 Jul 2019
👍3

Fixed in Newman v4.5.3.

codenirvana picture codenirvana on 2 Aug 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

Vijayabaskar03 picture Vijayabaskar03  路  4Comments
DotNetRockStar picture DotNetRockStar  路  5Comments
al-tr picture al-tr  路  4Comments
gaieges picture gaieges  路  4Comments
rycornell picture rycornell  路  5Comments