{"type":"auditAdvisory","data":{"resolution":{"id":598,"path":"imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>caw>tunnel-agent","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.4.3","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>caw>tunnel-agent","node-sass>request>tunnel-agent"],"dev":false,"optional":false,"bundled":false}],"id":598,"created":"2018-04-24T20:30:16.099Z","updated":"2018-04-24T20:31:15.816Z","deleted":null,"title":"Memory Exposure","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"tunnel-agent","cves":[],"vulnerable_versions":"<0.6.0","patched_versions":">=0.6.0","overview":"Versions of `tunnel-agent` before 0.6.0 are vulnerable to memory exposure.\n\nThis is exploitable if user supplied input is provided to the auth value and is a number.\n\nProof-of-concept:\n```js\nrequire('request')({\n method: 'GET',\n uri: 'http://www.example.com',\n tunnel: true,\n proxy:{\n protocol: 'http:',\n host:'127.0.0.1',\n port:8080,\n auth:USERSUPPLIEDINPUT // number\n }\n});\n```","recommendation":"Update to version 0.6.0 or later.","references":"- [GitHub Commit #9ca95ec](https://github.com/request/tunnel-agent/commit/9ca95ec7219daface8a6fc2674000653de0922c0)\n- [Proof of 
Concept](https://gist.github.com/ChALkeR/fd6b2c445834244e7d440a043f9d2ff4)","access":"public","severity":"moderate","cwe":"CWE-20","metadata":{"module_type":"","exploitability":3,"affected_components":""},"url":"https://npmjs.com/advisories/598"}}} {"type":"auditAdvisory","data":{"resolution":{"id":598,"path":"imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>caw>tunnel-agent","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.4.3","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>caw>tunnel-agent","node-sass>request>tunnel-agent"],"dev":false,"optional":false,"bundled":false}],"id":598,"created":"2018-04-24T20:30:16.099Z","updated":"2018-04-24T20:31:15.816Z","deleted":null,"title":"Memory Exposure","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"tunnel-agent","cves":[],"vulnerable_versions":"<0.6.0","patched_versions":">=0.6.0","overview":"Versions of `tunnel-agent` before 0.6.0 are vulnerable to memory exposure.\n\nThis is exploitable if user supplied input is provided to the auth value and is a number.\n\nProof-of-concept:\n```js\nrequire('request')({\n method: 'GET',\n uri: 'http://www.example.com',\n tunnel: true,\n proxy:{\n protocol: 'http:',\n host:'127.0.0.1',\n port:8080,\n auth:USERSUPPLIEDINPUT // number\n }\n});\n```","recommendation":"Update to version 
0.6.0 or later.","references":"- [GitHub Commit #9ca95ec](https://github.com/request/tunnel-agent/commit/9ca95ec7219daface8a6fc2674000653de0922c0)\n- [Proof of Concept](https://gist.github.com/ChALkeR/fd6b2c445834244e7d440a043f9d2ff4)","access":"public","severity":"moderate","cwe":"CWE-20","metadata":{"module_type":"","exploitability":3,"affected_components":""},"url":"https://npmjs.com/advisories/598"}}} {"type":"auditAdvisory","data":{"resolution":{"id":598,"path":"imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>caw>tunnel-agent","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.4.3","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>caw>tunnel-agent","node-sass>request>tunnel-agent"],"dev":false,"optional":false,"bundled":false}],"id":598,"created":"2018-04-24T20:30:16.099Z","updated":"2018-04-24T20:31:15.816Z","deleted":null,"title":"Memory Exposure","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"tunnel-agent","cves":[],"vulnerable_versions":"<0.6.0","patched_versions":">=0.6.0","overview":"Versions of `tunnel-agent` before 0.6.0 are vulnerable to memory exposure.\n\nThis is exploitable if user supplied input is provided to the auth value and is a number.\n\nProof-of-concept:\n```js\nrequire('request')({\n method: 'GET',\n uri: 'http://www.example.com',\n 
tunnel: true,\n proxy:{\n protocol: 'http:',\n host:'127.0.0.1',\n port:8080,\n auth:USERSUPPLIEDINPUT // number\n }\n});\n```","recommendation":"Update to version 0.6.0 or later.","references":"- [GitHub Commit #9ca95ec](https://github.com/request/tunnel-agent/commit/9ca95ec7219daface8a6fc2674000653de0922c0)\n- [Proof of Concept](https://gist.github.com/ChALkeR/fd6b2c445834244e7d440a043f9d2ff4)","access":"public","severity":"moderate","cwe":"CWE-20","metadata":{"module_type":"","exploitability":3,"affected_components":""},"url":"https://npmjs.com/advisories/598"}}} {"type":"auditAdvisory","data":{"resolution":{"id":598,"path":"imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>caw>tunnel-agent","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.4.3","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>caw>tunnel-agent","node-sass>request>tunnel-agent"],"dev":false,"optional":false,"bundled":false}],"id":598,"created":"2018-04-24T20:30:16.099Z","updated":"2018-04-24T20:31:15.816Z","deleted":null,"title":"Memory Exposure","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"tunnel-agent","cves":[],"vulnerable_versions":"<0.6.0","patched_versions":">=0.6.0","overview":"Versions of `tunnel-agent` before 0.6.0 are vulnerable to memory exposure.\n\nThis is exploitable if user 
supplied input is provided to the auth value and is a number.\n\nProof-of-concept:\n```js\nrequire('request')({\n method: 'GET',\n uri: 'http://www.example.com',\n tunnel: true,\n proxy:{\n protocol: 'http:',\n host:'127.0.0.1',\n port:8080,\n auth:USERSUPPLIEDINPUT // number\n }\n});\n```","recommendation":"Update to version 0.6.0 or later.","references":"- [GitHub Commit #9ca95ec](https://github.com/request/tunnel-agent/commit/9ca95ec7219daface8a6fc2674000653de0922c0)\n- [Proof of Concept](https://gist.github.com/ChALkeR/fd6b2c445834244e7d440a043f9d2ff4)","access":"public","severity":"moderate","cwe":"CWE-20","metadata":{"module_type":"","exploitability":3,"affected_components":""},"url":"https://npmjs.com/advisories/598"}}} {"type":"auditAdvisory","data":{"resolution":{"id":598,"path":"imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>caw>tunnel-agent","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.4.3","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>caw>tunnel-agent","node-sass>request>tunnel-agent"],"dev":false,"optional":false,"bundled":false}],"id":598,"created":"2018-04-24T20:30:16.099Z","updated":"2018-04-24T20:31:15.816Z","deleted":null,"title":"Memory Exposure","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита 
Андреевич"},"module_name":"tunnel-agent","cves":[],"vulnerable_versions":"<0.6.0","patched_versions":">=0.6.0","overview":"Versions of `tunnel-agent` before 0.6.0 are vulnerable to memory exposure.\n\nThis is exploitable if user supplied input is provided to the auth value and is a number.\n\nProof-of-concept:\n```js\nrequire('request')({\n method: 'GET',\n uri: 'http://www.example.com',\n tunnel: true,\n proxy:{\n protocol: 'http:',\n host:'127.0.0.1',\n port:8080,\n auth:USERSUPPLIEDINPUT // number\n }\n});\n```","recommendation":"Update to version 0.6.0 or later.","references":"- [GitHub Commit #9ca95ec](https://github.com/request/tunnel-agent/commit/9ca95ec7219daface8a6fc2674000653de0922c0)\n- [Proof of Concept](https://gist.github.com/ChALkeR/fd6b2c445834244e7d440a043f9d2ff4)","access":"public","severity":"moderate","cwe":"CWE-20","metadata":{"module_type":"","exploitability":3,"affected_components":""},"url":"https://npmjs.com/advisories/598"}}} {"type":"auditAdvisory","data":{"resolution":{"id":598,"path":"imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>caw>tunnel-agent","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.4.3","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>caw>tunnel-agent","node-sass>request>tunnel-agent"],"dev":false,"optional":false,"bundled":false}],"id":598,"created":"2018-04-24T20:30:16.099Z","update
d":"2018-04-24T20:31:15.816Z","deleted":null,"title":"Memory Exposure","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"tunnel-agent","cves":[],"vulnerable_versions":"<0.6.0","patched_versions":">=0.6.0","overview":"Versions of `tunnel-agent` before 0.6.0 are vulnerable to memory exposure.\n\nThis is exploitable if user supplied input is provided to the auth value and is a number.\n\nProof-of-concept:\n```js\nrequire('request')({\n method: 'GET',\n uri: 'http://www.example.com',\n tunnel: true,\n proxy:{\n protocol: 'http:',\n host:'127.0.0.1',\n port:8080,\n auth:USERSUPPLIEDINPUT // number\n }\n});\n```","recommendation":"Update to version 0.6.0 or later.","references":"- [GitHub Commit #9ca95ec](https://github.com/request/tunnel-agent/commit/9ca95ec7219daface8a6fc2674000653de0922c0)\n- [Proof of Concept](https://gist.github.com/ChALkeR/fd6b2c445834244e7d440a043f9d2ff4)","access":"public","severity":"moderate","cwe":"CWE-20","metadata":{"module_type":"","exploitability":3,"affected_components":""},"url":"https://npmjs.com/advisories/598"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":598,"path":"imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>caw>tunnel-agent","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.4.3","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>caw>tunnel-agent","node-sass>request>tunnel-agent"],"dev":false,"optional":false,"bundled":false}],"id":598,"created":"2018-04-24T20:30:16.099Z","updated":"2018-04-24T20:31:15.816Z","deleted":null,"title":"Memory Exposure","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"tunnel-agent","cves":[],"vulnerable_versions":"<0.6.0","patched_versions":">=0.6.0","overview":"Versions of `tunnel-agent` before 0.6.0 are vulnerable to memory exposure.\n\nThis is exploitable if user supplied input is provided to the auth value and is a number.\n\nProof-of-concept:\n```js\nrequire('request')({\n method: 'GET',\n uri: 'http://www.example.com',\n tunnel: true,\n proxy:{\n protocol: 'http:',\n host:'127.0.0.1',\n port:8080,\n auth:USERSUPPLIEDINPUT // number\n }\n});\n```","recommendation":"Update to version 0.6.0 or later.","references":"- [GitHub Commit #9ca95ec](https://github.com/request/tunnel-agent/commit/9ca95ec7219daface8a6fc2674000653de0922c0)\n- [Proof of 
Concept](https://gist.github.com/ChALkeR/fd6b2c445834244e7d440a043f9d2ff4)","access":"public","severity":"moderate","cwe":"CWE-20","metadata":{"module_type":"","exploitability":3,"affected_components":""},"url":"https://npmjs.com/advisories/598"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli
>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = 
require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>
glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace
-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imag
emin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-e
xpansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-run
time>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR 
#35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimr
af>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = 
require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimra
f>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"bra
ce-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":612,"path":"imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>caw>get-proxy>rc>deep-extend","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.4.2","paths":["@babel/cli>chokidar>fsevents>node-pre-gyp>rc>deep-extend","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","webpack>watchpack>chokidar
>fsevents>node-pre-gyp>rc>deep-extend"],"dev":false,"optional":false,"bundled":false}],"id":612,"created":"2018-04-24T23:13:13.134Z","updated":"2018-05-08T01:46:15.050Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"deep-extend","cves":[],"vulnerable_versions":"<=0.5.0","patched_versions":">=0.5.1","overview":"Versions of `deep-extend` before 0.5.1 are vulnerable to prototype pollution.","recommendation":"Update to version 0.5.1 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/311333)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/612"}}} {"type":"auditAdvisory","data":{"resolution":{"id":612,"path":"imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>caw>get-proxy>rc>deep-extend","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.4.2","paths":["@babel/cli>chokidar>fsevents>node-pre-gyp>rc>deep-extend","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rc>deep-extend"],"dev":false,"optional":false,"bundled":false}],"id":612,"created":"2018-04-24T23
:13:13.134Z","updated":"2018-05-08T01:46:15.050Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"deep-extend","cves":[],"vulnerable_versions":"<=0.5.0","patched_versions":">=0.5.1","overview":"Versions of `deep-extend` before 0.5.1 are vulnerable to prototype pollution.","recommendation":"Update to version 0.5.1 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/311333)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/612"}}} {"type":"auditAdvisory","data":{"resolution":{"id":612,"path":"imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>caw>get-proxy>rc>deep-extend","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.4.2","paths":["@babel/cli>chokidar>fsevents>node-pre-gyp>rc>deep-extend","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rc>deep-extend"],"dev":false,"optional":false,"bundled":false}],"id":612,"created":"2018-04-24T23:13:13.134Z","updated":"2018-05-08T01:46:15.050Z","deleted":null,"title":"Prototype 
Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"deep-extend","cves":[],"vulnerable_versions":"<=0.5.0","patched_versions":">=0.5.1","overview":"Versions of `deep-extend` before 0.5.1 are vulnerable to prototype pollution.","recommendation":"Update to version 0.5.1 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/311333)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/612"}}} {"type":"auditAdvisory","data":{"resolution":{"id":612,"path":"imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.4.2","paths":["@babel/cli>chokidar>fsevents>node-pre-gyp>rc>deep-extend","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rc>deep-extend"],"dev":false,"optional":false,"bundled":false}],"id":612,"created":"2018-04-24T23:13:13.134Z","updated":"2018-05-08T01:46:15.050Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"deep-extend","cves":[],"vulnerable_versions":"<=0.5.0","patched_versions":">=0.5.1","overview":"Versions of `deep-extend` before 0.5.1 are vulnerable to prototype pollution.","recommendation":"Update to version 0.5.1 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/311333)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/612"}}} {"type":"auditAdvisory","data":{"resolution":{"id":612,"path":"imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>caw>get-proxy>rc>deep-extend","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.4.2","paths":["@babel/cli>chokidar>fsevents>node-pre-gyp>rc>deep-extend","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rc>deep-extend"],"dev":false,"optional":false,"bundled":false}],"id":612,"created":"2018-04-24T23:13:13.134Z","updated":"2018-05-08T01:46:15.050Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"deep-extend","cves":[],"vulnerable_versions":"<=0.5.0","patched_versions":">=0.5.1","overview":"Versions of `deep-extend` before 0.5.1 are vulnerable to prototype pollution.","recommendation":"Update to version 0.5.1 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/311333)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/612"}}} {"type":"auditAdvisory","data":{"resolution":{"id":612,"path":"imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.4.2","paths":["@babel/cli>chokidar>fsevents>node-pre-gyp>rc>deep-extend","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rc>deep-extend"],"dev":false,"optional":false,"bundled":false}],"id":612,"created":"2018-04-24T23:13:13.134Z","updated":"2018-05-08T01:46:15.050Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"deep-extend","cves":[],"vulnerable_versions":"<=0.5.0","patched_versions":">=0.5.1","overview":"Versions of `deep-extend` before 0.5.1 are vulnerable to prototype pollution.","recommendation":"Update to version 0.5.1 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/311333)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/612"}}} {"type":"auditAdvisory","data":{"resolution":{"id":612,"path":"imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.4.2","paths":["@babel/cli>chokidar>fsevents>node-pre-gyp>rc>deep-extend","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rc>deep-extend"],"dev":false,"optional":false,"bundled":false}],"id":612,"created":"2018-04-24T23:13:13.134Z","updated":"2018-05-08T01:46:15.050Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"deep-extend","cves":[],"vulnerable_versions":"<=0.5.0","patched_versions":">=0.5.1","overview":"Versions of `deep-extend` before 0.5.1 are vulnerable to prototype pollution.","recommendation":"Update to version 0.5.1 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/311333)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/612"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download
>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>ex
pand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fil
l-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>j
est-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>
micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak pseudo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>dec
ompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic",
"jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-
range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>j
est-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","image
min-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromat
ch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-u
til>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>je
st-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>random
atic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>d
ecompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic
","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expan
d-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom
>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","ima
gemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>microm
atch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest
-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>
jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>rand
omatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob
-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-e
nvironment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>rand
omatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message
-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-rang
e>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-
util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli
>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-rang
e>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces
>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-s
tream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-env
ironment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>random
atic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-u
til>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-ra
nge>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jes
t-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-c
li>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-ra
nge>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>brac
es>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. 
This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>viny
l-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-
range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-ran
ge>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-s
napshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micro
match>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-s
tream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-env
ironment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>random
atic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-u
til>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>
fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-ut
il>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>j
est-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>
randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>e
xpand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-str
eam>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-envir
onment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomat
ic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-uti
l>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-rang
e>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-
util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli
>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-rang
e>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces
>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-s
tream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-env
ironment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>random
atic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-u
til>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-ra
nge>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jes
t-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-c
li>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-ra
nge>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>brac
es>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. 
This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>viny
l-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-
range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-ran
ge>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-s
napshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micro
match>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":598,"path":"node-sass>request>tunnel-agent","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.4.3","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>caw>tunnel-agent","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>caw>tunnel-agent","node-sass>request>tunnel-agent"],"dev":false,"optional":false,"bundled":false}],"id":598,"created":"2018-04-24T20:30:16.099Z","updated":"2018-04-24T20:31:15.816Z","deleted":null,"title":"Memory Exposure","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"tunnel-agent","cves":[],"vulnerable_versions":"<0.6.0","patched_versions":">=0.6.0","overview":"Versions of `tunnel-agent` before 0.6.0 are vulnerable to memory exposure.\n\nThis is exploitable if user supplied input is provided to the auth value and is a number.\n\nProof-of-concept:\n```js\nrequire('request')({\n method: 'GET',\n uri: 'http://www.example.com',\n tunnel: true,\n proxy:{\n protocol: 'http:',\n host:'127.0.0.1',\n port:8080,\n auth:USERSUPPLIEDINPUT // number\n }\n});\n```","recommendation":"Update to version 0.6.0 or later.","references":"- [GitHub Commit #9ca95ec](https://github.com/request/tunnel-agent/commit/9ca95ec7219daface8a6fc2674000653de0922c0)\n- [Proof of 
Concept](https://gist.github.com/ChALkeR/fd6b2c445834244e7d440a043f9d2ff4)","access":"public","severity":"moderate","cwe":"CWE-20","metadata":{"module_type":"","exploitability":3,"affected_components":""},"url":"https://npmjs.com/advisories/598"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"node-sass>request>hawk>boom>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>
jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or 
later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"node-sass>request>hawk>cryptiles>boom>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","
jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"node-sass>request>hawk>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>
boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"node-sass>request>hawk>sntp>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>
hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"node-sass>gaze>globule>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanb
ul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lod
ash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-h
elpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-confi
g>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-i
stanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babe
l-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot
>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-ist
anbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-co
nfig>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"node-sass>sass-graph>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>
istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-c
li>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>ist
anbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jes
t>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel
-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-
runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>ba
bel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanb
ul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-run
time>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expan
sion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"nam
e":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"node-sass>node-gyp>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>br
ace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>gl
ob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp
>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR 
#35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brac
e-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = 
require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"node-sass>node-gyp>request>hawk>boom>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-e
nvironment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + 
a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-ru
ntime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of 
service.","recommendation":"Update to version 4.2.1, 5.0.3 or later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"node-sass>node-gyp>request>hawk>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-env
ironment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or 
later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"node-sass>node-gyp>request>hawk>sntp>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","j
est>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":720,"path":"node-sass>node-gyp>request>hawk>cryptiles","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"3.1.2","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles","node-sass>node-gyp>request>hawk>cryptiles"],"dev":false,"optional":false,"bundled":false}],"id":720,"created":"2018-11-01T18:32:48.906Z","updated":"2018-11-02T21:39:11.618Z","deleted":null,"title":"Insufficient Entropy","found_by":{"link":"https://www.microsoft.com/en-us/msrc/msvr","name":"Microsoft Vulnerability Research"},"reported_by":{"link":"https://www.microsoft.com/en-us/msrc/msvr","name":"Microsoft Vulnerability Research"},"module_name":"cryptiles","cves":["CVE-2018-1000620"],"vulnerable_versions":">=3.1.0 <3.1.3 || >=4.0.0 <4.1.2","patched_versions":">=3.1.3 <4.0.0 || >=4.1.2","overview":"Versions of `cryptiles` from version 3.1.0 through 3.1.2, and versions 4.0.0 to version 4.1.1 are vulnerable to insufficient entropy. 
The `randomDigits` method generates digits that lack a perfect distribution over enough attempts.\n","recommendation":"Update to version 3.1.3 or 4.1.2 or later.","references":"- [GitHub Issue](https://github.com/hapijs/cryptiles/issues/34)\n- [security-wg](https://github.com/nodejs/security-wg/blob/master/vuln/npm/476.json)","access":"public","severity":"high","cwe":"CWE-331","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/720"}}} {"type":"auditAdvisory","data":{"resolution":{"id":606,"path":"node-sass>node-gyp>request>http-signature>sshpk","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.13.1","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","node-sass>node-gyp>request>http-signature>sshpk","node-sass>request>http-signature>sshpk"],"dev":false,"optional":false,"bundled":false}],"id":606,"created":"2018-04-24T22:25:08.333Z","updated":"2018-09-07T17:39:16.549Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"sshpk","cves":["CVE-2018-3737"],"vulnerable_versions":"<1.13.2 || >=1.14.0 <1.14.1","patched_versions":">=1.13.2 < 1.14.0 || >=1.14.1","overview":"Versions of `sshpk` before 1.13.2 or 1.14.1 are vulnerable to regular expression denial of service when parsing crafted invalid public keys.","recommendation":"Update to version 1.13.2, 1.14.1 or later.","references":"- 
https://github.com/joyent/node-sshpk/blob/v1.13.1/lib/formats/ssh.js#L17\n- [HackerOne Report](https://hackerone.com/reports/319593)\n- https://github.com/joyent/node-sshpk/commit/46065d38a5e6d1bccf86d3efb2fb83c14e3f9957","access":"public","severity":"high","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/606"}}} {"type":"auditAdvisory","data":{"resolution":{"id":606,"path":"node-sass>request>http-signature>sshpk","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.13.1","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","node-sass>node-gyp>request>http-signature>sshpk","node-sass>request>http-signature>sshpk"],"dev":false,"optional":false,"bundled":false}],"id":606,"created":"2018-04-24T22:25:08.333Z","updated":"2018-09-07T17:39:16.549Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"sshpk","cves":["CVE-2018-3737"],"vulnerable_versions":"<1.13.2 || >=1.14.0 <1.14.1","patched_versions":">=1.13.2 < 1.14.0 || >=1.14.1","overview":"Versions of `sshpk` before 1.13.2 or 1.14.1 are vulnerable to regular expression denial of service when parsing crafted invalid public keys.","recommendation":"Update to version 1.13.2, 1.14.1 or later.","references":"- https://github.com/joyent/node-sshpk/blob/v1.13.1/lib/formats/ssh.js#L17\n- [HackerOne Report](https://hackerone.com/reports/319593)\n- 
https://github.com/joyent/node-sshpk/commit/46065d38a5e6d1bccf86d3efb2fb83c14e3f9957","access":"public","severity":"high","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/606"}}} {"type":"auditAdvisory","data":{"resolution":{"id":664,"path":"node-sass>node-gyp>request>stringstream","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.0.5","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>stringstream","node-sass>node-gyp>request>stringstream","node-sass>request>stringstream"],"dev":false,"optional":false,"bundled":false}],"id":664,"created":"2018-05-16T19:39:37.463Z","updated":"2018-05-22T15:03:12.999Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"stringstream","cves":[],"vulnerable_versions":"<=0.0.5","patched_versions":">=0.0.6","overview":"All versions of `stringstream` are vulnerable to out-of-bounds read as it allocates uninitialized Buffers when number is passed in input stream on Node.js 4.x and below.","recommendation":"No fix is currently available for this vulnerability. 
It is our recommendation to not install or use this module if user input is being passed in to `stringstream`.\n","references":"- [HackerOne Report](https://hackerone.com/reports/321670)\n- https://github.com/mhart/StringStream/blob/v0.0.5/stringstream.js#L32","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/664"}}} {"type":"auditAdvisory","data":{"resolution":{"id":664,"path":"node-sass>request>stringstream","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.0.5","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>stringstream","node-sass>node-gyp>request>stringstream","node-sass>request>stringstream"],"dev":false,"optional":false,"bundled":false}],"id":664,"created":"2018-05-16T19:39:37.463Z","updated":"2018-05-22T15:03:12.999Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"stringstream","cves":[],"vulnerable_versions":"<=0.0.5","patched_versions":">=0.0.6","overview":"All versions of `stringstream` are vulnerable to out-of-bounds read as it allocates uninitialized Buffers when number is passed in input stream on Node.js 4.x and below.","recommendation":"No fix is currently available for this vulnerability. 
It is our recommendation to not install or use this module if user input is being passed in to `stringstream`.\n","references":"- [HackerOne Report](https://hackerone.com/reports/321670)\n- https://github.com/mhart/StringStream/blob/v0.0.5/stringstream.js#L32","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/664"}}} {"type":"auditAdvisory","data":{"resolution":{"id":525,"path":"node-sass>request>tough-cookie","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.3.2","paths":["node-sass>request>tough-cookie"],"dev":false,"optional":false,"bundled":false}],"id":525,"created":"2017-09-08T18:07:02.061Z","updated":"2018-04-09T00:01:19.079Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"tough-cookie","cves":["CVE-2017-16112"],"vulnerable_versions":"<2.3.3","patched_versions":">=2.3.3","overview":"Affected versions of `tough-cookie` are susceptible to a regular expression denial of service.\n\nThe amplification on this vulnerability is relatively low - it takes around 2 seconds for the engine to execute on a malicious input which is 50,000 characters in length.\n\nIf node was compiled using the `-DHTTP_MAX_HEADER_SIZE` however, the impact of the vulnerability can be significant, as the primary limitation for the vulnerability is the default max HTTP header length in node.","recommendation":"Update to version 2.3.3 or later.","references":"[Issue #92](https://github.com/salesforce/tough-cookie/issues/92)","access":"public","severity":"high","cwe":"CWE-400","metadata":{"module_type":"Network.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/525"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"webpack>micromatch>extglob>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>
micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micro
match>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>
snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debu
g","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-j
est>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>je
st-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-run
time>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","je
st>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular 
expression denial of service when untrusted user input is passed into the `o` formatter. \n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>
babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jes
t-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-
map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdrag
on>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 
3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. \n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istan
bul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","je
st>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-has
te-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debu
g","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru 
Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. \n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul
>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>
jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-
plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>j
est-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of 
Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. \n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude
>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jes
t-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatc
h>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest
>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated"
:"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. \n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"webpack>watchpack>chokidar>braces>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>an
ymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclud
e>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>e
xtglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdrag
on>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>gl
ob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overv
iew":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-we
bpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988
Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>
fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR 
#35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expan
sion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = 
require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimat
ch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion",
"cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"webpack>micromatch>braces>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>mic
romatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extgl
ob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>bab
el-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner
>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runt
ime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` 
before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micro
match>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>j
est-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>s
napdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbu
l>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-re
solve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-c
li>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>so
urce-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babe
l-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdr
agon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon
>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest
-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>
source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>ba
bel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snap
dragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdrag
on>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"webpack>micromatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-
haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map
-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin
-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>sou
rce-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-
map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map
-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>microma
tch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>
jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclu
de>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","we
bpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snap
dragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane
>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-run
ner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-is
tanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-
resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-ma
p-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>microm
atch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime
>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-excl
ude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","w
ebpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-
map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micr
omatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runti
me>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-ex
clude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob",
"webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolv
e>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nan
omatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-co
nfig>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micr
omatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>m
icromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest
>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdr
agon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-je
st>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces
>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>sna
pdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":612,"path":"webpack>watchpack>chokidar>fsevents>node-pre-gyp>rc>deep-extend","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.4.2","paths":["@babel/cli>chokidar>fsevents>node-pre-gyp>rc>deep-extend","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rc>deep-extend"],"dev":false,"optional":false,"bundled":false}],"id":612,"created":"2018-04-24T23:13:13.134Z","updated":"2018-05-08T01:46:15.050Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"deep-extend","cves":[],"vulnerable_versions":"<=0.5.0","patched_versions":">=0.5.1","overview":"Versions of `deep-extend` before 0.5.1 are vulnerable to prototype pollution.","recommendation":"Update to version 0.5.1 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/311333)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/612"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"eslint>inquirer>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>
istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","j
est>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>
babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel
-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul
>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>
babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-
types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>i
stanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>ba
bel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"eslint>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-i
nstrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config
>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-inst
rument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jes
t-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-te
mplate>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-ru
ntime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>loda
sh","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-li
b-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-conf
ig>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"eslint>table>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>ist
anbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>
jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babe
l-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanb
ul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest
-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-cor
e>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel
-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>ista
nbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtim
e>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z",
"deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-bu
ffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bund
led":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"eslint>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>b
race-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR 
#35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":328,"path":"jquery","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.11.3","paths":["jquery"],"dev":false,"optional":false,"bundled":false}],"id":328,"created":"2017-03-20T21:50:28.000Z","updated":"2018-03-26T21:14:32.509Z","deleted":null,"title":"Cross-Site Scripting (XSS)","found_by":{"name":"Egor Homakov"},"reported_by":{"name":"Egor Homakov"},"module_name":"jquery","cves":["CVE-2017-16012"],"vulnerable_versions":">=1.4.0 <=1.11.3 || >=1.12.4 <=2.2.4","patched_versions":">=3.0.0","overview":"Affected versions of `jquery` interpret `text/javascript` responses from cross-origin ajax requests, and automatically execute the contents in `jQuery.globalEval`, even when the ajax request doesn't contain the `dataType` option.","recommendation":"Update to version 3.0.0 or later.","references":"[Issue #2432](https://github.com/jquery/jquery/issues/2432)\n[Commit #b078a62](https://github.com/jquery/jquery/commit/b078a62013782c7424a4a61a240c23c4c0b42614)\n[PR #2588](https://github.com/jquery/jquery/pull/2588)","access":"public","severity":"high","cwe":"CWE-725","metadata":{"module_type":"Browser.Library","exploitability":3,"affected_components":""},"url":"https://npmjs.com/advisories/328"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"svg-react-loader>css>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map
>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>
atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul
>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-r
esolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resol
ve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 allocate uninitialized Buffers when a number is passed as input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"svg-react-loader>xml2js>xmlbuilder>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jes
t-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>bab
el-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-
core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runne
r>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>ba
bel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest
-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>j
est-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babe
l-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-run
time>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-tem
plate>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-con
fig>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash",
"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-in
strument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>ba
bel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-hel
pers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>
babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-ge
nerator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest
-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"onfido-sdk-ui>react-redux>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin
-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>l
odash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-in
strument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-
plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>
jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-con
fig>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest
-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-
istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cl
i>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14
:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"onfido-sdk-ui>redux>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babe
l-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types
>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-
plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>
babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel
-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodas
h","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-confi
g>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jes
t-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-co
nfig>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-c
li>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-hast
e-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbu
l>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane
>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brac
kets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>m
icromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-c
li>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-
resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-
plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>
micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>mic
romatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>sn
apdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jes
t-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest
-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanb
ul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>a
tob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapd
ragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>je
st-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jes
t-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>
expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug",
"jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-h
aste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtim
e>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>
micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-
cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map
-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel
-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane
>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglo
b>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug
","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest
-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runt
ime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclud
e>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jes
t-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-m
ap-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>bab
el-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sa
ne>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-b
rackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>je
st-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map
>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-h
aste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromat
ch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest
-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve
>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-
istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>microma
tch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"@babel/cli>chokidar>braces>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapd
ragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-r
unner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>microma
tch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane
>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>ex
pand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-
config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>
jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test
-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>s
napdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>
sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micr
omatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cl
i>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>
debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>ba
bel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>sou
rce-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>microm
atch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob",
"jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli
>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch
>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdrago
n>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runti
me>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>je
st-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test
-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","j
est>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>s
ource-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runt
ime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste
-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jes
t>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runne
r>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapd
ragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>microm
atch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli
>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatc
h>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-is
tanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon
>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-re
solve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-ma
p>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>mi
cromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-
cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdrago
n>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>
babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>s
ource-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micr
omatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob
","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-c
li>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>microm
atch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapd
ragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-r
untime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cl
i>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>
test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob
","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdrag
on>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-
runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-h
aste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>san
e>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>microma
tch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>j
est-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>deb
ug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel
-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source
-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatc
h>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","je
st>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>je
st-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micro
match>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snap
dragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-
runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-c
li>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul
>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>ato
b","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdra
gon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest
-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-
haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>mic
romatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>sn
apdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jes
t-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest
-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanb
ul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>a
tob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapd
ragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>je
st-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jes
t-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>ex
tglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>d
ebug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>
jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-
runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-ex
clude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest
>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>sour
ce-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime
>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-ma
p>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extg
lob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>deb
ug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>je
st-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-ru
ntime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-excl
ude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>j
est-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source
-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>b
abel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>
sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatc
h>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extgl
ob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runne
r>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest
>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-i
stanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-reso
lve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>
snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-c
li>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtim
e>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>ext
glob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>de
bug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>j
est-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-r
untime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exc
lude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>
jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>sourc
e-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>
babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map
>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>e
xtglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>
debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime
>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest
-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-e
xclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jes
t>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>sou
rce-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtim
e>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-m
ap>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>exp
and-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","je
st>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-hast
e-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>j
est-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>mic
romatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli
>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-re
solve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-pl
ugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>mi
cromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon
>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cl
i>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micr
omatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>any
match>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","j
est>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclu
de>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>bab
el-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>brace
s>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>s
ource-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>j
est-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste
-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug"
,"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomat
ch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config
>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>
snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-
exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-
resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob",
"jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>any
match>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>e
xtglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-r
unner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","
jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plug
in-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-
resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>bra
ces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>je
st-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-ru
ntime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-h
aste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>
sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jes
t>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>sn
apdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babe
l-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapd
ragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclu
de>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resol
ve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest
>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>an
ymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>
extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-
runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug",
"jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plu
gin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map
-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>br
aces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>j
est-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-r
untime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>
anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatc
h>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jes
t-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug
","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-p
lugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-m
ap-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>
braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest
>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest
-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>m
icromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>
snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>j
est-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>je
st-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-ista
nbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve
>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>sna
pdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>
jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>j
est-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>mic
romatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>sn
apdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jes
t-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest
-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanb
ul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>a
tob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapd
ragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>je
st-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jes
t-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>
sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micr
omatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cl
i>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>
debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>ba
bel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>sou
rce-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>microm
atch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob",
"jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli
>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>mi
cromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>s
napdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>je
st-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jes
t-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istan
bul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>
atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snap
dragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>j
est-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>je
st-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>
micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob
>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>
jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>j
est-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-ist
anbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolv
e>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>sn
apdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli
>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>
jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch
>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdrago
n>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runti
me>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>je
st-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test
-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","j
est>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>s
ource-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runt
ime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste
-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","j
est>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-run
ner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>sna
pdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micr
omatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-c
li>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>microma
tch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-
istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdrag
on>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-
resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-
map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>
micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jes
t-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdra
gon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jes
t>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon
>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>mi
cromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>at
ob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest
-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>brac
es>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug",
"jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>
anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste
-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-res
olve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanb
ul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>b
abel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>mic
romatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets
>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","je
st>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runn
er>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snap
dragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micro
match>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cl
i>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromat
ch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-i
stanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdrago
n>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-r
esolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste
-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane
>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>je
st-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdr
agon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-je
st>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdrago
n>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>m
icromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>a
tob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jes
t-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>je
st-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>je
st-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdrago
n>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch
>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jes
t-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>na
nomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanb
ul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>sou
rce-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolv
e>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-hast
e-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>san
e>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>j
est-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapd
ragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-j
est>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdrag
on>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>
micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>
atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>je
st-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-ha
ste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>s
ane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest
>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>sna
pdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel
-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdr
agon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclud
e>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolv
e>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>
jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sa
ne>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>microm
atch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>
jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>de
bug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babe
l-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>sourc
e-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromat
ch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","j
est>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>j
est-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane
>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromat
ch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>je
st-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debu
g","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-
plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-
map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch
>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jes
t>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jes
t-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>je
st-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-
map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug",
"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatc
h>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>
babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>s
napdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-e
xclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-r
esolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","
jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>san
e>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>microma
tch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>j
est-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>deb
ug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel
-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source
-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatc
h>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","je
st>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>je
st-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>s
ane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micro
match>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli
>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>d
ebug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>bab
el-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>sour
ce-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>microma
tch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","
jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>
jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymat
ch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extg
lob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runn
er>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jes
t>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-
istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-res
olve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces
>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-
cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runti
me>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli
>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-has
te-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debu
g","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanom
atch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-conf
ig>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatc
h>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>tes
t-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-ma
p-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob
","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>any
match>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>e
xtglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-r
unner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","
jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plug
in-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-
resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>bra
ces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>je
st-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-ru
ntime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdrago
n>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-c
li>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>mic
romatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>an
ymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","
jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-excl
ude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>ba
bel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>brac
es>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>
source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>
jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-hast
e-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug
","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanoma
tch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-confi
g>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch
>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test
-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map
-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob"
,"jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>an
ymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>
extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-
runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug",
"jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plu
gin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map
-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>br
aces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>j
est-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-r
untime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-
haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map
>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","je
st>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>s
napdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>bab
el-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snap
dragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-excl
ude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-reso
lve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jes
t>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>a
nymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch
>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest
-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug"
,"jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-pl
ugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-ma
p-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>b
races>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>
jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-
runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane
>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromat
ch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>je
st-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debu
g","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-
plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-
map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch
>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jes
t>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jes
t-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>
micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob
>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>
jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>j
est-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-ist
anbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolv
e>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>sn
apdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli
>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>
jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>mi
cromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>s
napdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>je
st-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jes
t-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istan
bul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>
atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snap
dragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>j
est-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>je
st-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map
>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>mic
romatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-c
li>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon
>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>b
abel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>so
urce-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micro
match>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob"
,"jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cl
i>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>m
icromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>
snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>j
est-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>je
st-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-ista
nbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve
>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>sna
pdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>
jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>j
est-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch
>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglo
b>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner
>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>
jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-is
tanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resol
ve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>s
napdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cl
i>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime
>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatc
h>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdrag
on>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runt
ime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>j
est-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>tes
t-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","
jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>
source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-run
time>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-hast
e-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>ista
nbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>ba
bel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>
jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest
-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>b
abel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>l
odash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>
lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-te
mplate>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>
babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-travers
e>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babe
l-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest
-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-temp
late>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","
jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template
>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanb
ul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","je
st>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-confi
g>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-g
enerator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-li
b-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-j
est>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>
jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>ba
bel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>j
est-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","je
st>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash",
"jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-t
raverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-2
4T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-
html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babe
l-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>ista
nbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jes
t-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-hel
pers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodas
h","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-
instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-t
raverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-ru
ntime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-gr
aph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbu
l-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babe
l-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>j
est-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>loda
sh","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cl
i>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>
jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtim
e>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","je
st>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lo
dash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-core>babel-generator>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","b
abel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>
babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babe
l-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-t
raverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cl
i>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-trave
rse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-
lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>
jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core
>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-core>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash
","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>ba
bel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugi
n-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jes
t-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>bab
el-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-ru
nner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jes
t-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>
jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-t
ypes>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z
","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redu
x>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>l
odash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-t
emplate>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-conf
ig>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-t
raverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runn
er>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>b
abel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash"
,"jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-cor
e>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-load
er>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbu
l-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babe
l-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>j
est-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>loda
sh","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cl
i>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>
jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtim
e>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","je
st>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lo
dash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>
babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli
>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse
>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanb
ul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-tr
averse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>
babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>ba
bel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument
>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest
-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier 
Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator
>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instru
ment>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babe
l-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-run
ner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-help
ers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>
jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-
cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>je
st-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>
babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:
02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-core>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lod
ash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babe
l-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest
-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-
cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>j
est-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jes
t-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>j
est-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jes
t-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jes
t-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-templa
te>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config
>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","je
st>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instr
ument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel
-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helper
s>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>bab
el-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-gener
ator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-ru
ntime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-core>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>b
abel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>ba
bel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>ista
nbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-
jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lod
ash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runti
me>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-r
untime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>ba
bel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","j
est>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"20
18-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lod
ash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-
traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrume
nt>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner
>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-templa
te>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli
>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-
template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-typ
es>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config
>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-
react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jes
t-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>ba
bel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","je
st>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>bab
el-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash",
"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","j
est>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runne
r>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-type
s>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babe
l-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template
>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>b
abel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest
>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrum
ent>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-t
ypes>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>
babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel
-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generat
or>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runt
ime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul
-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","je
st>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-
cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>
lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jes
t-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-ge
nerator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>
babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runt
ime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-co
nfig>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":5
77,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-res
ponsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbu
l-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel
-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-ty
pes>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime
>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrum
ent>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-i
stanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runti
me>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","
jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodas
h","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanb
ul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>bab
el-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>
jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lod
ash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-c
li>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli
>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runti
me>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","j
est>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>l
odash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse
>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel
-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-
config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-templ
ate>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","j
est>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>
babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbu
l>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jes
t>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config
>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrum
ent>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>
istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-con
fig>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jes
t>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>ba
bel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>loda
sh","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>
lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-co
re>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-c
ore>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created"
:"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>r
eact-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instru
ment>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-ista
nbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash",
"jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>
babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-ty
pes>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>ista
nbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-cor
e>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cl
i>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sas
s>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plu
gin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","
jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core
>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-i
nstrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest
-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-templa
te>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodas
h","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrume
nt>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-in
strument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse
>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel
-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-
config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-templ
ate>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","j
est>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>
babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbu
l>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jes
t>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config
>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-gene
rator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-i
nstrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest
>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jes
t-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel
-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest
-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>
jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","je
st>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-trav
erse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T1
4:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash
","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-tra
verse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>
babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>je
st-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>
babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>je
st-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-tem
plate>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>
lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>ba
bel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-rea
ct-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>l
odash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cl
i>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-gener
ator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>ba
bel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>bab
el-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-tra
verse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jes
t-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-tra
verse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>bab
el-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-core>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel
-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babe
l-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-je
st>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-trave
rse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>je
st-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>
lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-
instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest
-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lod
ash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanb
ul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","
jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jes
t-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-type
s>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>j
est-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-
generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-templat
e>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-ru
ntime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-
config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id"
:577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react
-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>ist
anbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>b
abel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babe
l-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-run
time>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-ins
trument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plug
in-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-r
untime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodas
h","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>l
odash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>
jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config
>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash",
"jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>
babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodas
h","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash"
,"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-ru
nner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-t
ypes>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>b
abel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>ba
bel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>j
est-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>l
odash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul
-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-trav
erse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>ba
bel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babe
l-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>b
abel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-c
li>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrume
nt>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>i
stanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-conf
ig>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest
>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>bab
el-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodas
h","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>l
odash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-cor
e>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-co
re>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":
"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-ht
ml5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-
template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanb
ul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-
cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpe
rs>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash"
,"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-in
strument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-tra
verse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runt
ime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-grap
h>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanb
ul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>bab
el-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>
jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lod
ash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-c
li>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli
>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runti
me>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","j
est>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>l
odash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template
>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>b
abel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest
>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrum
ent>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-t
ypes>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>
babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel
-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generat
or>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runt
ime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrume
nt>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>i
stanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-conf
ig>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest
>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>bab
el-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodas
h","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>l
odash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-cor
e>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-co
re>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":
"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-numbe
r-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest
>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config
>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>ba
bel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-ru
nner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>ist
anbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-je
st>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>je
st-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-t
raverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>g
aze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanb
ul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>bab
el-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>
jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lod
ash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-c
li>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli
>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runti
me>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","j
est>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>l
odash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-travers
e>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babe
l-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest
-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-temp
late>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","
jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template
>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanb
ul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","je
st>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-confi
g>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-genera
tor>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-ins
trument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>b
abel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-
runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-h
elpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-c
li>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>je
st-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest
>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traver
se>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:
27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui
>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-inst
rument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-is
tanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash
","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-cor
e>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-
types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>is
tanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-c
ore>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-
cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-s
ass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lo
dash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>bab
el-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jes
t-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest
-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>
jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>je
st-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>
jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>je
st-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>je
st-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-
instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","je
st>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>bab
el-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-ista
nbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-templa
te>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>
babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jes
t-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib
-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash"
,"jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types
>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli
>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbu
l-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>i
stanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template
>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-
runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plug
in-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babe
l-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-t
emplate>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"d
ev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lo
dash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli
>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-genera
tor>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>bab
el-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babe
l-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-trav
erse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest
-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-trav
erse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babe
l-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-i
nstrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jes
t>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babe
l-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istan
bul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-templat
e>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>b
abel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest
-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-
instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash",
"jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>
lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>
istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul
-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>is
tanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>
babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-r
unner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugi
n-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel
-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-te
mplate>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"de
v":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>je
st-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>b
abel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","j
est>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>ba
bel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash"
,"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","
jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runn
er>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-typ
es>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>bab
el-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>b
abel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>bab
el-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>j
est-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrumen
t>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-typ
es>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>ba
bel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-p
lugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator
>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtim
e>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbu
l-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","j
est>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest
-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types
>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>je
st-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-g
enerator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template
>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-run
time>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-c
onfig>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":
577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-i
nput>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>je
st-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>ba
bel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel
-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runne
r>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanb
ul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>
babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-
cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-trav
erse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze
>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash
","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-regis
ter>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-conf
ig>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>i
stanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jes
t-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core
>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-t
raverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul
-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>is
tanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>b
abel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>bab
el-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>j
est-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrumen
t>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-typ
es>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>ba
bel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-p
lugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator
>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtim
e>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrume
nt>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>i
stanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-conf
ig>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest
>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>bab
el-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodas
h","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>l
odash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-cor
e>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-co
re>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":
"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>reac
t-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrumen
t>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbu
l>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","je
st>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>bab
el-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types
>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbu
l-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>b
abel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>j
est-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>s
ass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-pl
ugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash",
"jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-cor
e>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-
instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jes
t-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-templ
ate>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>loda
sh","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrum
ent>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-i
nstrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>l
odash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-g
enerator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-co
nfig>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-templat
e>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jes
t>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>ba
bel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>
istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>
jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>b
abel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instr
ument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cl
i>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-c
onfig>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","j
est>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>
babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lo
dash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-type
s>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-
core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel
-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"create
d":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd
-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>bab
el-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>ist
anbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>je
st-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-he
lpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>loda
sh","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib
-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-
traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-r
untime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-g
raph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>ist
anbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>
babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-c
li>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>
lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jes
t-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-
cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-ru
ntime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash"
,"jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-travers
e>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template
>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>b
abel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest
>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrum
ent>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-t
ypes>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>
babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel
-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generat
or>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runt
ime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-gen
erator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-
instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jes
t>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>je
st-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babe
l-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jes
t-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest
>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","j
est>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-tra
verse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T
14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","red
ux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>
lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-
template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-con
fig>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-
traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-run
ner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>
babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash
","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-co
re>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loa
der>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async
>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>
babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>
jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>j
est-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runn
er>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner
>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-conf
ig>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli
>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest
>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-trave
rse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>ba
bel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>je
st-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-te
mplate>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash"
,"jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-templa
te>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-ista
nbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","
jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-con
fig>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-gen
erator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-
instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jes
t>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>je
st-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babe
l-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jes
t-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest
>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","j
est>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-tra
verse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T
14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive
-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-i
nstrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin
-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lod
ash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-
core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>bab
el-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul
>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babe
l-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>je
st-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","nod
e-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async
>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>
babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>
jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>j
est-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runn
er>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner
>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-conf
ig>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli
>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest
>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","b
abel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>
babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babe
l-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-t
raverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cl
i>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-trave
rse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-
lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>
jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core
>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash",
"babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babe
l-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-
istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-
config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel
-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runn
er>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-
runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>je
st-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-typ
es>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z",
"updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend
>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>ba
bel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-inst
rument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-ru
nner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-te
mplate>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest
-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>ba
bel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel
-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-co
nfig>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","
svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-core>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>
jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>
babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>bab
el-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-ru
nner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime
>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>j
est-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine
2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>b
abel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-
runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>b
abel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>
jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>
lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbu
l-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-tra
verse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>b
abel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>bab
el-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>
babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-
cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier 
Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-
instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>je
st-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>j
est-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodas
h","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-run
time>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generat
or>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel
-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>b
abel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>
babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"c
reated":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-resp
onsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul
-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-
plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-typ
es>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>
babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrume
nt>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-is
tanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtim
e>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","j
est>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash
","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lod
ash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>
jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generat
or>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babe
l-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel
-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-trave
rse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-
cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-trave
rse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel
-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>b
abel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>bab
el-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>j
est-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrumen
t>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-typ
es>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>ba
bel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-p
lugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator
>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtim
e>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-ge
nerator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib
-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-je
st>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>j
est-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>bab
el-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>je
st-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jes
t>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","
jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-tr
averse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24
T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>
lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>bab
el-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instr
ument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-run
ner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-tem
plate>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-
cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>bab
el-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-
types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-con
fig>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","s
vg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>j
est-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>
babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","
jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>b
abel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash
","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash",
"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-run
ner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-ty
pes>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>ba
bel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>b
abel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>bab
el-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>j
est-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrumen
t>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-typ
es>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>ba
bel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-p
lugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator
>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtim
e>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-i
stanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-temp
late>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lod
ash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-genera
tor>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli
>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>bab
el-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument
>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>je
st-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest
-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled
":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>reac
t-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>is
tanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>
babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>bab
el-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-ru
ntime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-in
strument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plu
gin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-
runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>loda
sh","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>
lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanb
ul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>bab
el-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>
jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lod
ash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-c
li>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli
>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runti
me>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","j
est>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>l
odash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>l
odash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-g
enerator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-co
nfig>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-templat
e>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jes
t>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>ba
bel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>
istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>
jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>b
abel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>ista
nbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash"
,"jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>j
est-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-ty
pes>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner
>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babe
l-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-templ
ate>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-
runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jes
t-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"i
d":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-h
tml5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel
-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istan
bul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest
-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-help
ers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash
","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-i
nstrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-tr
averse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-run
time>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-gra
ph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","j
est>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-co
nfig>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>loda
sh","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-trave
rse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>l
odash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lod
ash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jes
t-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>bab
el-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-templa
te>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel
-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-c
ore>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-
cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>ba
bel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>l
odash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-
template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugi
n-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lod
ash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>je
st-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>ba
bel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanb
ul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>ba
bel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest
-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-co
re>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","j
est>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash
","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lod
ash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>ba
bel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018
-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>reac
t-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>is
tanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>
babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>bab
el-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-ru
ntime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-in
strument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plu
gin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-
runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>loda
sh","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>
lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","j
est>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-co
nfig>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>loda
sh","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-trave
rse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>l
odash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lod
ash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jes
t-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>bab
el-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-templa
te>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-
template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-
config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodas
h","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib
-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse
>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-
helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-je
st>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel
-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>j
est-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>ba
bel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanb
ul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>ba
bel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest
-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-co
re>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","j
est>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash
","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lod
ash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>ba
bel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018
-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-u
i>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-ins
trument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-i
stanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodas
h","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-co
re>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel
-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>i
stanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-
core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest
-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-
sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>is
tanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core
>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-
cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types
>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>je
st-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest
-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-r
untime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash
","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traver
se>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>
babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>ba
bel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>
jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrume
nt>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-ty
pes>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>b
abel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-
plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generato
r>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runti
me>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instru
ment>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli
>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-co
nfig>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","je
st>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>b
abel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lod
ash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types
>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-c
ore>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-
core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created
":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-
html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babe
l-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>ista
nbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jes
t-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-hel
pers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodas
h","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-
instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-t
raverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-ru
ntime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-gr
aph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>l
odash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cl
i>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-gener
ator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>ba
bel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>bab
el-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-tra
verse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jes
t-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-tra
verse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>bab
el-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>
babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>ba
bel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>
jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrume
nt>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-ty
pes>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>b
abel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-
plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generato
r>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runti
me>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-inst
rument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-c
li>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-
config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","
jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime
>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>l
odash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-typ
es>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel
-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babe
l-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"creat
ed":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-h
tml5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel
-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istan
bul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest
-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-help
ers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash
","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-i
nstrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-tr
averse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-run
time>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-gra
ph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanb
ul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>bab
el-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>
jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lod
ash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-c
li>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli
>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runti
me>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","j
est>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>l
odash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","
babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator
>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>bab
el-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-
traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-c
li>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-trav
erse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul
-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli
>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-cor
e>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodas
h","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>b
abel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plug
in-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>je
st-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>ba
bel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-r
unner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>je
st-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli
>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-
types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796
Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backen
d>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>b
abel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-ins
trument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-r
unner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-t
emplate>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jes
t-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>b
abel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babe
l-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-c
onfig>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash",
"svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanb
ul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>bab
el-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>
jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lod
ash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-c
li>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli
>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runti
me>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","j
est>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>l
odash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-trav
erse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>b
abel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>j
est-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-t
emplate>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash
","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-templ
ate>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-ist
anbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash",
"jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-co
nfig>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodas
h","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>b
abel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plug
in-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>je
st-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>ba
bel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-r
unner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>je
st-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli
>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-
types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796
Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","red
ux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>
lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-
template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-con
fig>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-
traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-run
ner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>
babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash
","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-co
re>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loa
der>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lo
dash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>bab
el-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jes
t-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest
-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>
jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>je
st-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>
jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>je
st-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>je
st-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbu
l-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodas
h","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrume
nt>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugi
n-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-
template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-c
onfig>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runti
me>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanb
ul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>l
odash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>ba
bel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest
>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbu
l>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-i
stanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel
-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-
cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>b
abel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-run
time>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-cor
e>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lo
dash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-imp
ort>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>je
st-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-
generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrume
nt>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtim
e>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babe
l-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jes
t>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babe
l-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrumen
t>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-i
stanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>ba
bel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanb
ul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-j
est>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>ba
bel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest
-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-ru
nner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-
istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-cor
e>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-g
enerator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lo
dash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plu
gin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>bab
el-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-he
lpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash",
"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>b
abel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-c
li>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-confi
g>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>
inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","es
lint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>l
odash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>ba
bel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanb
ul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-run
ner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babe
l-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traver
se>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-
instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbu
l-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instru
ment>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jes
t-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-tra
verse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>i
stanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>bab
el-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-
core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-conf
ig>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instr
ument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest
>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier 
Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>ba
bel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrumen
t>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-
template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>
babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","j
est>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jes
t-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-li
b-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>loda
sh","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>j
est-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":fa
lse,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-
dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-trav
erse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>loda
sh","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-
cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>
lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-run
time>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jes
t-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>b
abel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>bab
el-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>ba
bel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lo
dash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-r
egister>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-
config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanb
ul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli
>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-
core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>bab
el-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>ista
nbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbu
l>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanb
ul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>loda
sh","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrum
ent>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plug
in-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel
-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-
config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runt
ime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istan
bul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>
lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-g
enerator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lo
dash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plu
gin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>bab
el-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-he
lpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash",
"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>b
abel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-c
li>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-confi
g>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>
inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","
eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>bab
el-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>je
st-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babe
l-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash"
,"jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jes
t-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>je
st-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugi
n-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel
-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-ista
nbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel
-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-
lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest
>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel
-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-ru
ntime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runne
r>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-ist
anbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>b
abel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-ins
trument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template
>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel
-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config
>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babe
l-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel
-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtim
e>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodas
h","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-run
time>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash
","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslin
t-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>loda
sh","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel
-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-
lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner
>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-t
emplate>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>
lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-ins
trument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-l
ib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-ist
anbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babe
l-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul
-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jes
t>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babe
l-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-r
untime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runn
er>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-is
tanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>
babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-gene
rator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodas
h","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin
-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-
plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpe
rs>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","je
st>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babe
l-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>
jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>b
abel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inq
uirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","esl
int-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lo
dash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>bab
el-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbu
l-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runn
er>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel
-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-travers
e>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-i
nstrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul
-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-ins
trument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>
jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-
traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbu
l>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>
babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>bab
el-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-c
onfig>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-in
strument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","j
est>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>b
abel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jes
t>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanb
ul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-
istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babe
l-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest
-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>
babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-ru
ntime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-co
re>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>l
odash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>tab
le>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>ba
bel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>
jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-i
stanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jes
t-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>b
abel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine
2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul
>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-is
tanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istan
bul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lod
ash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instru
ment>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plu
gin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babe
l-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest
-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-run
time>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>ista
nbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types
>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>ba
bel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-typ
es>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babe
l-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jes
t>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>bab
el-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lod
ash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-con
fig>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>j
est-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-
config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack
-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-i
mport>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>
jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babe
l-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instru
ment>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runt
ime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>ba
bel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","j
est>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>ba
bel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrum
ent>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>ista
nbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lo
dash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instr
ument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-pl
ugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>bab
el-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jes
t-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-ru
ntime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>ist
anbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-type
s>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babe
l-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>j
est-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>
istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-ist
anbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-t
emplate>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cl
i>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>bab
el-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runti
me>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>
babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>loda
sh"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","es
lint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel
-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest
-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-
plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","
jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-
config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest
-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-
istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-p
lugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-is
tanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>bab
el-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbu
l-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-je
st>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>bab
el-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-
runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-run
ner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-i
stanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core
>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instr
ument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>b
abel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-j
est>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>b
abel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-
core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-t
ypes>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>
jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash"
,"jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runti
me>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash",
"webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","esl
int>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>je
st-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jes
t>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>ba
bel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-
types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jes
t-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>j
est-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtim
e>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>bab
el-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babe
l-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-ins
trument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istan
bul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-conf
ig>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-
runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-r
unner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-c
li>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>bab
el-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config
>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>ist
anbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>b
abel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest
-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runne
r>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest
-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-ge
nerator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runne
r>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-t
raverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest
-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-an
alyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>l
odash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-
register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest
-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istan
bul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cl
i>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel
-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>ba
bel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>ist
anbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanb
ul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>bab
el-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-in
strument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-ista
nbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-con
fig>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest
-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-
runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-
cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>ba
bel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-confi
g>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrume
nt>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babe
l-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest
>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babe
l-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-cor
e>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-type
s>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jes
t-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","j
est>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>
jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","we
bpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-i
mport>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>
jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babe
l-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instru
ment>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runt
ime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>ba
bel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","j
est>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>ba
bel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrum
ent>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babe
l-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jes
t-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lod
ash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-l
ib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traver
se>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babe
l-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-
jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>bab
el-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli
>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-l
ib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest
>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cl
i>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lo
dash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-
runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-gene
rator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>ba
bel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtim
e>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-conf
ig>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577
,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash
","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel
-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>
jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-r
unner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","j
est>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel
-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>
jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-templ
ate>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>ba
bel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>
lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-i
mport>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>
jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babe
l-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instru
ment>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runt
ime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>ba
bel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","j
est>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>ba
bel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrum
ent>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-i
nstrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jes
t>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babe
l-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istan
bul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-templat
e>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>b
abel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest
-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-
instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash",
"jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>l
odash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>i
stanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-
lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>ist
anbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>b
abel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-ru
nner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin
-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-
core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-tem
plate>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev
":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-
import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest
>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>bab
el-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instr
ument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-run
time>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>b
abel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","
jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>b
abel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instru
ment>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-te
mplate>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-co
nfig>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash"
,"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-i
nstrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>b
abel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-he
lpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest
>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-g
enerator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jes
t-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-je
st>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-inst
rument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>b
abel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instru
ment>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodas
h","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtim
e>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanb
ul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types
>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","j
est>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optiona
l":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>reac
t-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>bab
el-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-templa
te>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traver
se>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel
-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cl
i>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>je
st-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jes
t-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-r
untime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jes
t-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","esli
nt-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lod
ash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babe
l-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul
-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runne
r>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-
template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse
>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-in
strument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-
lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>b
abel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-
instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-is
tanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-c
onfig>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>je
st-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jes
t-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jes
t-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>
babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-con
fig>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instr
ument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>b
abel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-j
est>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>b
abel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-
core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-t
ypes>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>
jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash"
,"jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runti
me>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash",
"webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>tabl
e>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>bab
el-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>j
est-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-is
tanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest
-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>ba
bel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2
>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>
istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-ist
anbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanb
ul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>loda
sh","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrum
ent>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plug
in-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel
-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-
config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runt
ime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istan
bul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>
lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-inst
rument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>
babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-
jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>
babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel
-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-
types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime
>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash
","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runt
ime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash"
,"webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-
plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash
","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-c
ore>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-li
b-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>j
est-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-tem
plate>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lo
dash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instr
ument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib
-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"webpack>micromatch>extglob>expand-brackets>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-
jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>j
est-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-ru
ntime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","j
est>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular 
expression denial of service when untrusted user input is passed into the `o` formatter. \n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"webpack>micromatch>nanomatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>microma
tch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micr
omatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expan
d-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest
-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 
3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. \n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"webpack>micromatch>braces>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jes
t-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdra
gon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-ru
nner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>tes
t-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || 
>= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. \n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"webpack>micromatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>microma
tch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>
jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>mic
romatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-r
untime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru 
Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. \n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-
istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug
","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jes
t>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>je
st-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of 
Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. \n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>sn
apdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>je
st-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>ext
glob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sa
ne>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymat
ch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита 
Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>bab
el-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runne
r>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest
-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug"
,"jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to 
regular expression denial of service when untrusted user input is passed into the `o` formatter. \n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>br
aces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>
babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-run
ner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-pl
ugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micr
omatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>mic
romatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>sn
apdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jes
t-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest
-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-ist
anbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolv
e>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>sn
apdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli
>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>
jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-
haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map
>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","je
st>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>s
napdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babe
l-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapd
ragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclu
de>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resol
ve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest
>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jes
t-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-m
ap>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","
jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch
>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>bab
el-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snap
dragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-excl
ude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-reso
lve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jes
t>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-h
aste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>
sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jes
t>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>sn
apdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>b
abel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>sn
apdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-ex
clude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-re
solve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","j
est>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>je
st-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>je
st-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdrago
n>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch
>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest
-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nan
omatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbu
l>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>sour
ce-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve
>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>
jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>
jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdra
gon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromat
ch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jes
t-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>na
nomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanb
ul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>sou
rce-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolv
e>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jes
t-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jes
t-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon
>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>
nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>j
est-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>
nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-ista
nbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>s
ource-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-reso
lve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jes
t-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-m
ap>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","
jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch
>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>ba
bel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>sna
pdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exc
lude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-res
olve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","je
st>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>j
est-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste
-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug"
,"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomat
ch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>b
abel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>sn
apdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-ex
clude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-re
solve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","j
est>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest
-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-ma
p>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","j
est>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>
snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config
>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>
snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-
exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-
resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob",
"jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>de
bug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>j
est-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>microma
tch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymat
ch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>
jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>m
icromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-p
lugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>sn
apdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>sourc
e-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>
debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli
>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micro
match>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anym
atch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest
>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>
micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-
plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>s
napdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>sour
ce-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>deb
ug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>je
st-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromat
ch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatc
h>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","je
st>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclud
e>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babe
l-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces
>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>so
urce-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>
sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micr
omatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cl
i>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>
debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>bab
el-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>sour
ce-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>microma
tch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","
jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>
jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-ma
p>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>mi
cromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-
cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdrago
n>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>ba
bel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>sou
rce-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>microm
atch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob",
"jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli
>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>s
ane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micro
match>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli
>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>d
ebug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>
babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>s
ource-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micr
omatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob
","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-c
li>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>j
est-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>j
est-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdrag
on>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatc
h>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jes
t-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>na
nomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanb
ul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>sou
rce-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolv
e>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest
>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner
>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdr
agon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>microma
tch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>je
st-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>n
anomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istan
bul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>so
urce-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resol
ve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>je
st-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>je
st-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdrago
n>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch
>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. 
\n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditAdvisory","data":{"resolution":{"id":646,"path":"jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.0.3","paths":["@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","@babel/cli>chokidar>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>
jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch
>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-ist
anbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>
source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>source-map-res
olve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>source-map-resolve>atob","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>source-map-resolve>atob","webpack>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>source-map-resolve>atob","webpack>watchpack>chokidar>braces>snapdragon>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false},{"version":"1.1.3","paths":["svg-react-loader>css>source-map-resolve>atob"],"dev":false,"optional":false,"bundled":false}],"id":646,"created":"2018-05-16T16:30:34.348Z","updated":"2018-05-16T16:30:34.348Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"atob","cves":[],"vulnerable_versions":"<=2.0.3","patched_versions":">=2.1.0","overview":"Versions of `atob` before 2.1.0 uninitialized Buffers when number is passed in input on Node.js 4.x and below.","recommendation":"Update to version 2.1.0 or later.","references":"- [HackerOne 
Report](https://hackerone.com/reports/321686)","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/646"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegt
ran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest
-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>
jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>rando
matic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-1
1-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic"
,"imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-uti
l>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-r
unner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>
expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>mic
romatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. 
This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>brac
es>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","je
st>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>je
st-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>microm
atch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-r
ange>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>
fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message
-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest
-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fi
ll-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>
imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-ra
nge>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-ut
il>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runt
ime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cl
i>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>exp
and-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>je
st-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-r
unner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expan
d-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>
jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>ran
domatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>brac
es>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map
>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jes
t-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin
-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-r
ange>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>
expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-
cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemi
n-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fil
l-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micr
omatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jes
t-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-
runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","image
min-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expan
d-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>brac
es>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>je
st-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build
>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cl
i>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-r
ange>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>exp
and-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-ut
il>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces
>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-uti
l>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>je
st-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>e
xpand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemi
n-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch
>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-uti
l>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest
-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomat
ic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>m
icromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environmen
t-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","
jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>mic
romatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-pl
ugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expa
nd-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-messa
ge-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest
-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>je
st-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>e
xpand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>
jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest
-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>exp
and-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-web
pack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>brac
es>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jes
t-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runn
er>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","
jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatc
h>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>
jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jes
t-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>
braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagem
in-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fi
ll-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>mic
romatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>je
st-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest
-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomati
c","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>bra
ces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>microm
atch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic"
,"jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>
bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jes
t>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-ran
ge>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>b
races>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-m
essage-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand
-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-
message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runn
er>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-r
ange>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegt
ran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range
>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>
braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste
-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime
>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces
>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-uti
l>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>je
st-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>e
xpand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imag
emin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>
fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>m
icromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>
jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>je
st-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>ran
domatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromat
ch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>
micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>rando
matic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randoma
tic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-ut
il>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-co
nfig>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>
jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-r
ange>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>
glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>je
st-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>
randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-mes
sage-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagem
in-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatc
h>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-ut
il>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jes
t-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randoma
tic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>microm
atch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsd
om>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>
jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromat
ch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic",
"imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>mi
cromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>
jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-
cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>
randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-str
eam>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-envir
onment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomat
ic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-uti
l>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-
plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>ex
pand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-mes
sage-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>je
st-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>
jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-ra
nge>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>m
icromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-messag
e-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-rang
e>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>
jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>ran
domatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>brac
es>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map
>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jes
t-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>f
ill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-
util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-
message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fil
l-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>i
magemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-ran
ge>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-uti
l>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runti
me>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli
>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expa
nd-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jes
t-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-ru
nner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand
-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bi
n-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>
jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range
>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>bra
ces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-mes
sage-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill
-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-uti
l>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-mes
sage-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-r
ange>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagem
in-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatc
h>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-ut
il>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jes
t-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randoma
tic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>
micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environme
nt-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic",
"jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>mi
cromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-p
lugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>exp
and-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-mess
age-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jes
t-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>j
est-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>
expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util
>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jes
t-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>ex
pand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-we
bpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>bra
ces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>je
st-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-run
ner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic",
"jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromat
ch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom
>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>je
st-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch
>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>image
min-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>f
ill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>mi
cromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>j
est-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jes
t-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomat
ic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>br
aces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micro
match>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic
","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin
>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","je
st>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-ra
nge>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>
braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-
message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>ra
ndomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>microma
tch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util
>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>rand
omatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpeg
tran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-rang
e>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch
>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-hast
e-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtim
e>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fil
l-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-ut
il>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-me
ssage-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-
range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>down
load>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jes
t-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>
randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-r
ange>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>mi
cromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>r
andomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>microm
atch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-uti
l>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>ran
domatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin
>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","je
st>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-ra
nge>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>
braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-
message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":157,"path":"jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.7","paths":["imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plu
gin>imagemin-optipng>optipng-bin>bin-build>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>gulp-decompress>decompress>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>vinyl-fs>glob-stream>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-ra
nge>randomatic","jest>jest-cli>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-message-util>micromatch>braces>expand-range
>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runner>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-run
time>jest-config>jest-environment-node>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>expect>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-config>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-haste-map>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-runtime>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-snapshot>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>jest-util>jest-message-util>micromatch>braces>expand-range>fill-range>randomatic","jest>jest-cli>micromatch>braces>expand-range>fill-range>randomatic"],"dev":false,"optional":false,"bundled":false}],"id":157,"created":"2016-11-09T20:03:19.000Z","updated":"2018-05-08T15:23:56.190Z","deleted":null,"title":"Cryptographically Weak PRNG","found_by":{"name":"Sven Slootweg"},"reported_by":{"name":"Sven 
Slootweg"},"module_name":"randomatic","cves":["CVE-2017-16028"],"vulnerable_versions":"<3.0.0","patched_versions":">=3.0.0","overview":"Affected versions of `randomatic` generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended.\r\n\r\n","recommendation":"Update to version 3.0.0 or later.\r\n","references":"- [Commit #4a52695](https://github.com/jonschlinkert/randomatic/commit/4a526959b3a246ae8e4a82f9c182180907227fe1#diff-b9cfc7f2cdf78a7f4b91a753d10865a2)","access":"public","severity":"low","cwe":"CWE-330","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/157"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime
>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = 
require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":606,"path":"jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.13.1","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","node-sass>node-gyp>request>http-signature>sshpk","node-sass>request>http-signature>sshpk"],"dev":false,"optional":false,"bundled":false}],"id":606,"created":"2018-04-24T22:25:08.333Z","updated":"2018-09-07T17:39:16.549Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"sshpk","cves":["CVE-2018-3737"],"vulnerable_versions":"<1.13.2 || >=1.14.0 <1.14.1","patched_versions":">=1.13.2 < 1.14.0 || >=1.14.1","overview":"Versions of `sshpk` before 1.13.2 or 1.14.1 are vulnerable to regular expression denial of service when parsing crafted invalid public 
keys.","recommendation":"Update to version 1.13.2, 1.14.1 or later.","references":"- https://github.com/joyent/node-sshpk/blob/v1.13.1/lib/formats/ssh.js#L17\n- [HackerOne Report](https://hackerone.com/reports/319593)\n- https://github.com/joyent/node-sshpk/commit/46065d38a5e6d1bccf86d3efb2fb83c14e3f9957","access":"public","severity":"high","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/606"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek",
"jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing 
properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":606,"path":"jest>jest-cli>jest-environment-jsdom>jsdom>request>http-signature>sshpk","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.13.1","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","node-sass>node-gyp>request>http-signature>sshpk","node-sass>request>http-signature>sshpk"],"dev":false,"optional":false,"bundled":false}],"id":606,"created":"2018-04-24T22:25:08.333Z","updated":"2018-09-07T17:39:16.549Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"sshpk","cves":["CVE-2018-3737"],"vulnerable_versions":"<1.13.2 || >=1.14.0 <1.14.1","patched_versions":">=1.13.2 < 1.14.0 || >=1.14.1","overview":"Versions of `sshpk` before 1.13.2 or 1.14.1 are vulnerable to regular expression denial of service when parsing crafted invalid public keys.","recommendation":"Update to version 1.13.2, 1.14.1 or later.","references":"- https://github.com/joyent/node-sshpk/blob/v1.13.1/lib/formats/ssh.js#L17\n- [HackerOne Report](https://hackerone.com/reports/319593)\n- 
https://github.com/joyent/node-sshpk/commit/46065d38a5e6d1bccf86d3efb2fb83c14e3f9957","access":"public","severity":"high","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/606"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek"
,"jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or 
later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":606,"path":"jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.13.1","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","node-sass>node-gyp>request>http-signature>sshpk","node-sass>request>http-signature>sshpk"],"dev":false,"optional":false,"bundled":false}],"id":606,"created":"2018-04-24T22:25:08.333Z","updated":"2018-09-07T17:39:16.549Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"sshpk","cves":["CVE-2018-3737"],"vulnerable_versions":"<1.13.2 || >=1.14.0 <1.14.1","patched_versions":">=1.13.2 < 1.14.0 || >=1.14.1","overview":"Versions of `sshpk` before 1.13.2 or 1.14.1 are vulnerable to regular expression denial of service when parsing crafted invalid public keys.","recommendation":"Update to version 1.13.2, 1.14.1 or later.","references":"- https://github.com/joyent/node-sshpk/blob/v1.13.1/lib/formats/ssh.js#L17\n- [HackerOne Report](https://hackerone.com/reports/319593)\n- 
https://github.com/joyent/node-sshpk/commit/46065d38a5e6d1bccf86d3efb2fb83c14e3f9957","access":"public","severity":"high","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/606"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>ha
wk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or 
later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":606,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.13.1","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","node-sass>node-gyp>request>http-signature>sshpk","node-sass>request>http-signature>sshpk"],"dev":false,"optional":false,"bundled":false}],"id":606,"created":"2018-04-24T22:25:08.333Z","updated":"2018-09-07T17:39:16.549Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"sshpk","cves":["CVE-2018-3737"],"vulnerable_versions":"<1.13.2 || >=1.14.0 <1.14.1","patched_versions":">=1.13.2 < 1.14.0 || >=1.14.1","overview":"Versions of `sshpk` before 1.13.2 or 1.14.1 are vulnerable to regular expression denial of service when parsing crafted invalid public keys.","recommendation":"Update to version 1.13.2, 1.14.1 or later.","references":"- https://github.com/joyent/node-sshpk/blob/v1.13.1/lib/formats/ssh.js#L17\n- [HackerOne Report](https://hackerone.com/reports/319593)\n- 
https://github.com/joyent/node-sshpk/commit/46065d38a5e6d1bccf86d3efb2fb83c14e3f9957","access":"public","severity":"high","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/606"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek
","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or 
later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":606,"path":"jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.13.1","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>http-signature>sshpk","node-sass>node-gyp>request>http-signature>sshpk","node-sass>request>http-signature>sshpk"],"dev":false,"optional":false,"bundled":false}],"id":606,"created":"2018-04-24T22:25:08.333Z","updated":"2018-09-07T17:39:16.549Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"sshpk","cves":["CVE-2018-3737"],"vulnerable_versions":"<1.13.2 || >=1.14.0 <1.14.1","patched_versions":">=1.13.2 < 1.14.0 || >=1.14.1","overview":"Versions of `sshpk` before 1.13.2 or 1.14.1 are vulnerable to regular expression denial of service when parsing crafted invalid public keys.","recommendation":"Update to version 1.13.2, 1.14.1 or later.","references":"- https://github.com/joyent/node-sshpk/blob/v1.13.1/lib/formats/ssh.js#L17\n- [HackerOne Report](https://hackerone.com/reports/319593)\n- 
https://github.com/joyent/node-sshpk/commit/46065d38a5e6d1bccf86d3efb2fb83c14e3f9957","access":"public","severity":"high","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/606"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","
jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or 
later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":664,"path":"jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>stringstream","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.0.5","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>stringstream","node-sass>node-gyp>request>stringstream","node-sass>request>stringstream"],"dev":false,"optional":false,"bundled":false}],"id":664,"created":"2018-05-16T19:39:37.463Z","updated":"2018-05-22T15:03:12.999Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"stringstream","cves":[],"vulnerable_versions":"<=0.0.5","patched_versions":">=0.0.6","overview":"All versions of `stringstream` are vulnerable to out-of-bounds read as it allocates uninitialized Buffers when number is passed in input stream on Node.js 4.x and below.","recommendation":"No fix is currently available for this vulnerability. 
It is our recommendation to not install or use this module if user input is being passed in to `stringstream`.\n","references":"- [HackerOne Report](https://hackerone.com/reports/321670)\n- https://github.com/mhart/StringStream/blob/v0.0.5/stringstream.js#L32","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/664"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-
runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial 
of service.","recommendation":"Update to version 4.2.1, 5.0.3 or later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":664,"path":"jest>jest-cli>jest-environment-jsdom>jsdom>request>stringstream","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.0.5","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>stringstream","node-sass>node-gyp>request>stringstream","node-sass>request>stringstream"],"dev":false,"optional":false,"bundled":false}],"id":664,"created":"2018-05-16T19:39:37.463Z","updated":"2018-05-22T15:03:12.999Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"stringstream","cves":[],"vulnerable_versions":"<=0.0.5","patched_versions":">=0.0.6","overview":"All versions of `stringstream` are vulnerable to out-of-bounds read as it allocates uninitialized Buffers when number is passed in input stream on Node.js 4.x and below.","recommendation":"No fix is currently available for this vulnerability. 
It is our recommendation to not install or use this module if user input is being passed in to `stringstream`.\n","references":"- [HackerOne Report](https://hackerone.com/reports/321670)\n- https://github.com/mhart/StringStream/blob/v0.0.5/stringstream.js#L32","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/664"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>je
st-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties 
causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":664,"path":"jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>stringstream","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.0.5","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>stringstream","node-sass>node-gyp>request>stringstream","node-sass>request>stringstream"],"dev":false,"optional":false,"bundled":false}],"id":664,"created":"2018-05-16T19:39:37.463Z","updated":"2018-05-22T15:03:12.999Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"stringstream","cves":[],"vulnerable_versions":"<=0.0.5","patched_versions":">=0.0.6","overview":"All versions of `stringstream` are vulnerable to out-of-bounds read as it allocates uninitialized Buffers when number is passed in input stream on Node.js 4.x and below.","recommendation":"No fix is currently available for this vulnerability. 
It is our recommendation to not install or use this module if user input is being passed in to `stringstream`.\n","references":"- [HackerOne Report](https://hackerone.com/reports/321670)\n- https://github.com/mhart/StringStream/blob/v0.0.5/stringstream.js#L32","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/664"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>h
oek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing 
properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":664,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>stringstream","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.0.5","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>stringstream","node-sass>node-gyp>request>stringstream","node-sass>request>stringstream"],"dev":false,"optional":false,"bundled":false}],"id":664,"created":"2018-05-16T19:39:37.463Z","updated":"2018-05-22T15:03:12.999Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"stringstream","cves":[],"vulnerable_versions":"<=0.0.5","patched_versions":">=0.0.6","overview":"All versions of `stringstream` are vulnerable to out-of-bounds read as it allocates uninitialized Buffers when number is passed in input stream on Node.js 4.x and below.","recommendation":"No fix is currently available for this vulnerability. 
It is our recommendation to not install or use this module if user input is being passed in to `stringstream`.\n","references":"- [HackerOne Report](https://hackerone.com/reports/321670)\n- https://github.com/mhart/StringStream/blob/v0.0.5/stringstream.js#L32","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/664"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>j
est-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties 
causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":664,"path":"jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>stringstream","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.0.5","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>stringstream","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>stringstream","node-sass>node-gyp>request>stringstream","node-sass>request>stringstream"],"dev":false,"optional":false,"bundled":false}],"id":664,"created":"2018-05-16T19:39:37.463Z","updated":"2018-05-22T15:03:12.999Z","deleted":null,"title":"Out-of-bounds Read","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"stringstream","cves":[],"vulnerable_versions":"<=0.0.5","patched_versions":">=0.0.6","overview":"All versions of `stringstream` are vulnerable to out-of-bounds read as it allocates uninitialized Buffers when number is passed in input stream on Node.js 4.x and below.","recommendation":"No fix is currently available for this vulnerability. 
It is our recommendation to not install or use this module if user input is being passed in to `stringstream`.\n","references":"- [HackerOne Report](https://hackerone.com/reports/321670)\n- https://github.com/mhart/StringStream/blob/v0.0.5/stringstream.js#L32","access":"public","severity":"moderate","cwe":"CWE-125","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/664"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"@babel/cli>chokidar>readdirp>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>
rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = 
require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brac
e-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":
["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>ri
mraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":fa
lse}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runt
ime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR 
#35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob
>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = 
require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","
imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-160
32"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"eslint-loader>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>b
race-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"creat
ed":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>f
sevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR 
#35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>r
imraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = 
require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>
rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name"
:"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glo
b>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre
-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest
-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR 
#35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"jest>jest-cli>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jes
t>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = 
require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>
rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name"
:"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","i
magemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brac
e-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents
>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR 
#35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"redux>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul
>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-conf
ig>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest
-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest
>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-trave
rse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-regis
ter>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-t
ypes>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>bab
el-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-co
nfig>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"eslint-plugin-import>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>
istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-c
li>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>ist
anbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jes
t>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel
-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-
runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>ba
bel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanb
ul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-run
time>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-g
enerator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-li
b-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-j
est>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>
jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>ba
bel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>j
est-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","je
st>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash",
"jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-t
raverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-2
4T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","
redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traver
se>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>bab
el-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-
config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>bab
el-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-
runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-templa
te>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lod
ash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel
-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-
loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istan
bul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>ba
bel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli
>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lo
dash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-
cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cl
i>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runt
ime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","
jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>
lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traver
se>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>bab
el-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jes
t-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-tem
plate>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash",
"jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-templat
e>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istan
bul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","j
est>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-conf
ig>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instru
ment>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli
>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-co
nfig>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","je
st>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>b
abel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lod
ash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types
>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-c
ore>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-
core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created
":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd
-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>bab
el-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>ist
anbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>je
st-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-he
lpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>loda
sh","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib
-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-
traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-r
untime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-g
raph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>je
st-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>b
abel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","j
est>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>ba
bel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash"
,"jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","
jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runn
er>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-typ
es>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>bab
el-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-trave
rse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>ba
bel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>je
st-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-te
mplate>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash"
,"jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-templa
te>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-ista
nbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","
jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-con
fig>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lod
ash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument
>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-pl
ugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>
jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>
babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest
-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>
jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-c
li>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babe
l-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.7
96Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","r
edux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-travers
e>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babe
l-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-c
onfig>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babe
l-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-r
unner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-templat
e>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>loda
sh","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-
core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-l
oader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lo
dash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli
>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-genera
tor>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>bab
el-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babe
l-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-trav
erse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest
-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-trav
erse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babe
l-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-templat
e>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>
babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jes
t>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instru
ment>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-
types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers
>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babe
l-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-genera
tor>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-run
time>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbu
l-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","j
est>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest
-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types
>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>je
st-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-g
enerator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template
>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-run
time>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-c
onfig>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":
577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui
>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-inst
rument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-is
tanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash
","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-cor
e>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-
types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>is
tanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-c
ore>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-
cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-s
ass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>
jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config
>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash",
"jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>
babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodas
h","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash"
,"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-ru
nner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-t
ypes>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>b
abel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-trav
erse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>b
abel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>j
est-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-t
emplate>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash
","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-templ
ate>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-ist
anbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash",
"jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-co
nfig>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instru
ment>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli
>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-co
nfig>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","je
st>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>b
abel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lod
ash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types
>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-c
ore>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-
core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created
":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend
>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>ba
bel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-inst
rument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-ru
nner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-te
mplate>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest
-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>ba
bel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel
-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-co
nfig>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","
svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>jest-snapshot>babel-types>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jes
t>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-travers
e>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>b
abel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-
runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runti
me>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime
>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmi
ne2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime
>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jes
t-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"webpack-bundle-analyzer>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanb
ul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jes
t-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>
istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","
jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>ba
bel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>je
st-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse
>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-ist
anbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-
runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"webpack-cli>inquirer>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-ista
nbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash
","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrum
ent>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugi
n-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-
cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>b
abel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-conf
ig>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istan
bul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jes
t-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:1
3.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":720,"path":"jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"3.1.2","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles","node-sass>node-gyp>request>hawk>cryptiles"],"dev":false,"optional":false,"bundled":false}],"id":720,"created":"2018-11-01T18:32:48.906Z","updated":"2018-11-02T21:39:11.618Z","deleted":null,"title":"Insufficient Entropy","found_by":{"link":"https://www.microsoft.com/en-us/msrc/msvr","name":"Microsoft Vulnerability Research"},"reported_by":{"link":"https://www.microsoft.com/en-us/msrc/msvr","name":"Microsoft 
Vulnerability Research"},"module_name":"cryptiles","cves":["CVE-2018-1000620"],"vulnerable_versions":">=3.1.0 <3.1.3 || >=4.0.0 <4.1.2","patched_versions":">=3.1.3 <4.0.0 || >=4.1.2","overview":"Versions of `cryptiles` from version 3.1.0 through 3.1.2, and versions 4.0.0 to version 4.1.1 are vulnerable to insufficient entropy. The `randomDigits` method generates digits that lack a perfect distribution over enough attempts.\n","recommendation":"Update to version 3.1.3 or 4.1.2 or later.","references":"- [GitHub Issue](https://github.com/hapijs/cryptiles/issues/34)\n- [security-wg](https://github.com/nodejs/security-wg/blob/master/vuln/npm/476.json)","access":"public","severity":"high","cwe":"CWE-331","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/720"}}} {"type":"auditAdvisory","data":{"resolution":{"id":720,"path":"jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"3.1.2","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles","node-sass>node-gyp>request>hawk>cryptiles"],"dev":false,"optional":false,"bundled":false}],"id":720,"created":"2018-11-01T18:32:48.906Z","updated":"2018-11-02T21:39:11.618Z","deleted":null,"title":"Insufficient Entropy","found_by":{"link":"https://www.microsoft.com/en-us/msrc/msvr","name":"Microsoft Vulnerability Research"},"reported_by":{"link":"https://www.microsoft.com/en-us/msrc/msvr","name":"Microsoft Vulnerability 
Research"},"module_name":"cryptiles","cves":["CVE-2018-1000620"],"vulnerable_versions":">=3.1.0 <3.1.3 || >=4.0.0 <4.1.2","patched_versions":">=3.1.3 <4.0.0 || >=4.1.2","overview":"Versions of `cryptiles` from version 3.1.0 through 3.1.2, and versions 4.0.0 to version 4.1.1 are vulnerable to insufficient entropy. The `randomDigits` method generates digits that lack a perfect distribution over enough attempts.\n","recommendation":"Update to version 3.1.3 or 4.1.2 or later.","references":"- [GitHub Issue](https://github.com/hapijs/cryptiles/issues/34)\n- [security-wg](https://github.com/nodejs/security-wg/blob/master/vuln/npm/476.json)","access":"public","severity":"high","cwe":"CWE-331","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/720"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>r
equest>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be 
demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>j
est-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = 
{};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>haw
k>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing 
properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>re
quest>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or 
later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom
>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or 
later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-
jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or 
later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-envi
ronment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or 
later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest
-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or 
later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdo
m>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or 
later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":566,"path":"jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.2.0","paths":["jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment
-jsdom>jsdom>request>hawk>cryptiles>boom>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>hoek","jest>jest-cli>jest-runtime>jest-config>jest-environment-jsdom>jsdom>request>hawk>sntp>hoek","node-sass>node-gyp>request>hawk>boom>hoek","node-sass>node-gyp>request>hawk>cryptiles>boom>hoek","node-sass>node-gyp>request>hawk>hoek","node-sass>node-gyp>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false},{"version":"2.16.3","paths":["node-sass>request>hawk>boom>hoek","node-sass>request>hawk>cryptiles>boom>hoek","node-sass>request>hawk>hoek","node-sass>request>hawk>sntp>hoek"],"dev":false,"optional":false,"bundled":false}],"id":566,"created":"2018-04-20T21:25:58.421Z","updated":"2018-04-20T21:25:58.421Z","deleted":null,"title":"Prototype pollution","found_by":{"name":"HoLyVieR"},"reported_by":{"name":"HoLyVieR"},"module_name":"hoek","cves":[],"vulnerable_versions":"<= 4.2.0 || >= 5.0.0 < 5.0.3","patched_versions":"> 4.2.0 < 5.0.0 || >= 5.0.3","overview":"Versions of `hoek` prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution.\n\nThe `merge` function, and the `applyToDefaults` and `applyToDefaultsWithShallow` functions which leverage `merge` behind the scenes, are vulnerable to a prototype pollution attack when provided an _unvalidated_ payload created from a JSON string containing the `__proto__` property.\n\nThis can be demonstrated like so:\n\n```javascript\nvar Hoek = require('hoek');\nvar malicious_payload = '{\"__proto__\":{\"oops\":\"It works !\"}}';\n\nvar a = {};\nconsole.log(\"Before : \" + a.oops);\nHoek.merge({}, JSON.parse(malicious_payload));\nconsole.log(\"After : \" + a.oops);\n```\n\nThis type of attack can be used to overwrite existing properties causing a potential denial of service.","recommendation":"Update to version 4.2.1, 5.0.3 or 
later.","references":"","access":"public","severity":"moderate","cwe":"CWE-471","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/566"}}} {"type":"auditAdvisory","data":{"resolution":{"id":654,"path":"css-loader>cssnano>postcss-filter-plugins>uniqid>macaddress","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.2.8","paths":["css-loader>cssnano>postcss-filter-plugins>uniqid>macaddress","cssnano>postcss-filter-plugins>uniqid>macaddress"],"dev":false,"optional":false,"bundled":false}],"id":654,"created":"2018-05-16T17:40:38.525Z","updated":"2018-06-25T16:47:08.259Z","deleted":null,"title":"Command Injection","found_by":{"name":"Сковорода Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"macaddress","cves":[],"vulnerable_versions":"<= 0.2.8","patched_versions":">= 0.2.9","overview":"All versions of `macaddress` are vulnerable to command injection. For this vulnerability to be exploited an attacker needs to control the `iface` argument to the `one` method.","recommendation":"Update to version 0.2.9 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/319467)\n- [Github PR #20](https://github.com/scravy/node-macaddress/pull/20)","access":"public","severity":"critical","cwe":"CWE-78","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/654"}}} {"type":"auditAdvisory","data":{"resolution":{"id":654,"path":"cssnano>postcss-filter-plugins>uniqid>macaddress","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.2.8","paths":["css-loader>cssnano>postcss-filter-plugins>uniqid>macaddress","cssnano>postcss-filter-plugins>uniqid>macaddress"],"dev":false,"optional":false,"bundled":false}],"id":654,"created":"2018-05-16T17:40:38.525Z","updated":"2018-06-25T16:47:08.259Z","deleted":null,"title":"Command Injection","found_by":{"name":"Сковорода 
Никита Андреевич"},"reported_by":{"name":"Сковорода Никита Андреевич"},"module_name":"macaddress","cves":[],"vulnerable_versions":"<= 0.2.8","patched_versions":">= 0.2.9","overview":"All versions of `macaddress` are vulnerable to command injection. For this vulnerability to be exploited an attacker needs to control the `iface` argument to the `one` method.","recommendation":"Update to version 0.2.9 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/319467)\n- [Github PR #20](https://github.com/scravy/node-macaddress/pull/20)","access":"public","severity":"critical","cwe":"CWE-78","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/654"}}} {"type":"auditAdvisory","data":{"resolution":{"id":722,"path":"jest>jest-cli>jest-haste-map>sane>exec-sh>merge","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.2.0","paths":["jest>jest-cli>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runner>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runner>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runtime>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runtime>jest-haste-map>sane>watch>exec-sh>merge"],"dev":false,"optional":false,"bundled":false}],"id":722,"created":"2018-11-05T17:04:20.221Z","updated":"2018-11-05T17:04:20.221Z","deleted":null,"title":"Prototype pollution","found_by":{"link":"","name":"asgerf"},"reported_by":{"link":"","name":"asgerf"},"module_name":"merge","cves":["CVE-2018-16469"],"vulnerable_versions":"<=1.2.0","patched_versions":">=1.2.1","overview":"Versions of `merge` before 1.2.1 are vulnerable to prototype pollution. 
The `merge.recursive` function can be tricked into adding or modifying properties of the Object prototype.","recommendation":"Update to version 1.2.1 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/381194)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":2,"affected_components":"recursive function"},"url":"https://npmjs.com/advisories/722"}}} {"type":"auditAdvisory","data":{"resolution":{"id":722,"path":"jest>jest-cli>jest-haste-map>sane>watch>exec-sh>merge","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.2.0","paths":["jest>jest-cli>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runner>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runner>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runtime>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runtime>jest-haste-map>sane>watch>exec-sh>merge"],"dev":false,"optional":false,"bundled":false}],"id":722,"created":"2018-11-05T17:04:20.221Z","updated":"2018-11-05T17:04:20.221Z","deleted":null,"title":"Prototype pollution","found_by":{"link":"","name":"asgerf"},"reported_by":{"link":"","name":"asgerf"},"module_name":"merge","cves":["CVE-2018-16469"],"vulnerable_versions":"<=1.2.0","patched_versions":">=1.2.1","overview":"Versions of `merge` before 1.2.1 are vulnerable to prototype pollution. 
The `merge.recursive` function can be tricked into adding or modifying properties of the Object prototype.","recommendation":"Update to version 1.2.1 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/381194)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":2,"affected_components":"recursive function"},"url":"https://npmjs.com/advisories/722"}}} {"type":"auditAdvisory","data":{"resolution":{"id":722,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>exec-sh>merge","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.2.0","paths":["jest>jest-cli>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runner>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runner>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runtime>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runtime>jest-haste-map>sane>watch>exec-sh>merge"],"dev":false,"optional":false,"bundled":false}],"id":722,"created":"2018-11-05T17:04:20.221Z","updated":"2018-11-05T17:04:20.221Z","deleted":null,"title":"Prototype pollution","found_by":{"link":"","name":"asgerf"},"reported_by":{"link":"","name":"asgerf"},"module_name":"merge","cves":["CVE-2018-16469"],"vulnerable_versions":"<=1.2.0","patched_versions":">=1.2.1","overview":"Versions of `merge` before 1.2.1 are vulnerable to prototype pollution. 
The `merge.recursive` function can be tricked into adding or modifying properties of the Object prototype.","recommendation":"Update to version 1.2.1 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/381194)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":2,"affected_components":"recursive function"},"url":"https://npmjs.com/advisories/722"}}} {"type":"auditAdvisory","data":{"resolution":{"id":722,"path":"jest>jest-cli>jest-runner>jest-haste-map>sane>watch>exec-sh>merge","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.2.0","paths":["jest>jest-cli>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runner>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runner>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runtime>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runtime>jest-haste-map>sane>watch>exec-sh>merge"],"dev":false,"optional":false,"bundled":false}],"id":722,"created":"2018-11-05T17:04:20.221Z","updated":"2018-11-05T17:04:20.221Z","deleted":null,"title":"Prototype pollution","found_by":{"link":"","name":"asgerf"},"reported_by":{"link":"","name":"asgerf"},"module_name":"merge","cves":["CVE-2018-16469"],"vulnerable_versions":"<=1.2.0","patched_versions":">=1.2.1","overview":"Versions of `merge` before 1.2.1 are vulnerable to prototype pollution. 
The `merge.recursive` function can be tricked into adding or modifying properties of the Object prototype.","recommendation":"Update to version 1.2.1 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/381194)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":2,"affected_components":"recursive function"},"url":"https://npmjs.com/advisories/722"}}} {"type":"auditAdvisory","data":{"resolution":{"id":722,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>exec-sh>merge","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.2.0","paths":["jest>jest-cli>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runner>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runner>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runtime>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runtime>jest-haste-map>sane>watch>exec-sh>merge"],"dev":false,"optional":false,"bundled":false}],"id":722,"created":"2018-11-05T17:04:20.221Z","updated":"2018-11-05T17:04:20.221Z","deleted":null,"title":"Prototype pollution","found_by":{"link":"","name":"asgerf"},"reported_by":{"link":"","name":"asgerf"},"module_name":"merge","cves":["CVE-2018-16469"],"vulnerable_versions":"<=1.2.0","patched_versions":">=1.2.1","overview":"Versions of `merge` before 1.2.1 are vulnerable to prototype pollution. 
The `merge.recursive` function can be tricked into adding or modifying properties of the Object prototype.","recommendation":"Update to version 1.2.1 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/381194)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":2,"affected_components":"recursive function"},"url":"https://npmjs.com/advisories/722"}}} {"type":"auditAdvisory","data":{"resolution":{"id":722,"path":"jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>watch>exec-sh>merge","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.2.0","paths":["jest>jest-cli>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runner>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runner>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runtime>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runtime>jest-haste-map>sane>watch>exec-sh>merge"],"dev":false,"optional":false,"bundled":false}],"id":722,"created":"2018-11-05T17:04:20.221Z","updated":"2018-11-05T17:04:20.221Z","deleted":null,"title":"Prototype pollution","found_by":{"link":"","name":"asgerf"},"reported_by":{"link":"","name":"asgerf"},"module_name":"merge","cves":["CVE-2018-16469"],"vulnerable_versions":"<=1.2.0","patched_versions":">=1.2.1","overview":"Versions of `merge` before 1.2.1 are vulnerable to prototype pollution. 
The `merge.recursive` function can be tricked into adding or modifying properties of the Object prototype.","recommendation":"Update to version 1.2.1 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/381194)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":2,"affected_components":"recursive function"},"url":"https://npmjs.com/advisories/722"}}} {"type":"auditAdvisory","data":{"resolution":{"id":722,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>exec-sh>merge","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.2.0","paths":["jest>jest-cli>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runner>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runner>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runtime>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runtime>jest-haste-map>sane>watch>exec-sh>merge"],"dev":false,"optional":false,"bundled":false}],"id":722,"created":"2018-11-05T17:04:20.221Z","updated":"2018-11-05T17:04:20.221Z","deleted":null,"title":"Prototype pollution","found_by":{"link":"","name":"asgerf"},"reported_by":{"link":"","name":"asgerf"},"module_name":"merge","cves":["CVE-2018-16469"],"vulnerable_versions":"<=1.2.0","patched_versions":">=1.2.1","overview":"Versions of `merge` before 1.2.1 are vulnerable to prototype pollution. 
The `merge.recursive` function can be tricked into adding or modifying properties of the Object prototype.","recommendation":"Update to version 1.2.1 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/381194)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":2,"affected_components":"recursive function"},"url":"https://npmjs.com/advisories/722"}}} {"type":"auditAdvisory","data":{"resolution":{"id":722,"path":"jest>jest-cli>jest-runtime>jest-haste-map>sane>watch>exec-sh>merge","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.2.0","paths":["jest>jest-cli>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runner>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runner>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>watch>exec-sh>merge","jest>jest-cli>jest-runtime>jest-haste-map>sane>exec-sh>merge","jest>jest-cli>jest-runtime>jest-haste-map>sane>watch>exec-sh>merge"],"dev":false,"optional":false,"bundled":false}],"id":722,"created":"2018-11-05T17:04:20.221Z","updated":"2018-11-05T17:04:20.221Z","deleted":null,"title":"Prototype pollution","found_by":{"link":"","name":"asgerf"},"reported_by":{"link":"","name":"asgerf"},"module_name":"merge","cves":["CVE-2018-16469"],"vulnerable_versions":"<=1.2.0","patched_versions":">=1.2.1","overview":"Versions of `merge` before 1.2.1 are vulnerable to prototype pollution. 
The `merge.recursive` function can be tricked into adding or modifying properties of the Object prototype.","recommendation":"Update to version 1.2.1 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/381194)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":2,"affected_components":"recursive function"},"url":"https://npmjs.com/advisories/722"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>istanbul-api>async>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument
>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template
>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash"
,"jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-tra
verse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-
types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runn
er>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-
instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugi
n-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>
jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable 
to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>bab
el-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>je
st-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lo
dash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-
lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-trave
rse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>bab
el-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel
-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>ba
bel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cl
i>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-g
enerator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-li
b-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-j
est>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>
jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>ba
bel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>j
est-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","je
st>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash",
"jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-t
raverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-2
4T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":338,"path":"jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.1.6","paths":["@babel/cli>chokidar>readdirp>minimatch>brace-expansion","@babel/cli>chokidar>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","clean-webpack-plugin>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","copy-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","eslint>file-entry-cache>flat-cache>del>rimraf>glob>minimatch>brace-expansion","eslint>minimatch>brace-expansion","eslint-loader>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>rimraf>glob>minimatch>
brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>exec-buffer>rimraf>glob>minimatch>brace-expansion","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-api>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>istanbul-lib-source-maps>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>jest-runtime>jest-haste-map>sane>fsevents>node-pre-gyp>rimraf>glob>minimatch>brace-expansion","jest>jest-cli>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>fstream>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>minimatch>brace-expansion","node-sass>node-gyp>rimraf>glob>minimatch>brace-expansion","node-sass>node-gyp>tar>fstream>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>copy-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>move-concurrently>rimraf>glob>minimatch>brace-expansion","webpack>uglifyjs-webpack-plugin>cacache>rimraf>glob>minimatch>brace-expansion","webpack>watchpack>chokidar>readdirp>minimatch>brace-expansion","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rimraf>
glob>minimatch>brace-expansion"],"dev":false,"optional":false,"bundled":false}],"id":338,"created":"2017-04-25T18:07:05.988Z","updated":"2018-03-28T20:04:39.123Z","deleted":null,"title":"ReDoS","found_by":{"name":"myvyang"},"reported_by":{"name":"myvyang"},"module_name":"brace-expansion","cves":["CVE-2017-16032"],"vulnerable_versions":"<=1.1.6","patched_versions":">=1.1.7","overview":"Affected versions of `brace-expansion` are vulnerable to a regular expression denial of service condition.\n\n## Proof of Concept\n\n```\nvar expand = require('brace-expansion');\nexpand('{,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\\n}');\n```","recommendation":"Update to version 1.1.7 or later.","references":"[Issue #33](https://github.com/juliangruber/brace-expansion/issues/33)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35)\n[PR #35](https://github.com/juliangruber/brace-expansion/pull/35/commits/b13381281cead487cbdbfd6a69fb097ea5e456c3)","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"Multi.Library","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/338"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api
>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-tem
plate>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-r
unner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","
jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jes
t-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-
runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jes
t-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>je
st-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash"
,"jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-temp
late>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-conf
ig>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","
jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-ins
trument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>bab
el-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-help
ers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>b
abel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-gen
erator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-
runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babe
l-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul
-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babe
l-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-c
li>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core
>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jes
t>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash",
"jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodas
h","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babe
l-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-0
4-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"react-phone-number-input>react-responsive-ui>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>l
odash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>loda
sh","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-temp
late>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>
babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-trav
erse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>
jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babe
l-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","j
est>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>b
abel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>
xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>is
tanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core
>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-
cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types
>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>je
st-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest
-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-r
untime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash
","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traver
se>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>
babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>ba
bel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>
jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrume
nt>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-ty
pes>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>b
abel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-
plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generato
r>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runti
me>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel
-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-
lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel
-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cl
i>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>
babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest
>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","
jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash
","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel
-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04
-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backen
d>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>async>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>b
abel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-ins
trument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-r
unner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-t
emplate>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jes
t-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>b
abel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babe
l-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-c
onfig>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash",
"svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. \n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} 
{"type":"auditAdvisory","data":{"resolution":{"id":577,"path":"react-phone-number-input>react-responsive-ui>react-dnd>lodash","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.17.4","paths":["onfido-sdk-ui>react-phone-number-input>react-responsive-ui>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd>lodash","onfido-sdk-ui>react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","onfido-sdk-ui>react-redux>lodash","onfido-sdk-ui>redux>lodash","react-phone-number-input>react-responsive-ui>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>lodash","react-phone-number-input>react-responsive-ui>react-dnd>dnd-core>redux>lodash","react-phone-number-input>react-responsive-ui>react-dnd>lodash","react-phone-number-input>react-responsive-ui>react-dnd-html5-backend>lodash","redux>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","eslint>inquirer>lodash","eslint>lodash","eslint>table>lodash","eslint-plugin-import>lodash","jest>jest-cli>istanbul-api>asy
nc>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-api>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-config>babel-core>babel-templat
e>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-config>babel-core>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-resolve-dependencies>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runne
r>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest
>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-core>lodash","jest>jest-cli>jest-ru
nner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runn
er>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-co
nfig>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runner>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>babel-core>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-c
li>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-helpers>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-register>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-core>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-generator>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-traverse>lodash","je
st>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-template>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>istanbul-lib-instrument>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>babel-types>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>babel-traverse>lodash","jest>jest-cli>jest-runtime>jest-config>jest-jasmine2>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-runtime>jest-snapshot>babel-types>lodash","jest>jest-cli>jest-snapshot>babel-types>lodash","node-sass>gaze>globule>lodash","node-sass>sass-graph>lodash","svg-react-loader>xml2js>xmlbuilder>lodash","webpack-bundle-analyzer>lodash","webpack-cli>inquirer>lodash"],"dev":false,"optional":false,"bundled":false}],"id":577,"created":"2018-04-24T14:27:02.796Z","updated":"2018-04-24T14:27:13.049Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau (HoLyVieR)"},"module_name":"lodash","cves":["CVE-2018-3721"],"vulnerable_versions":"<4.17.5","patched_versions":">=4.17.5","overview":"Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution. 
\n\nThe vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `__proto__` causing the addition or modification of an existing property that will exist on all objects.\n\n","recommendation":"Update to version 4.17.5 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/310443)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":1,"affected_components":""},"url":"https://npmjs.com/advisories/577"}}} {"type":"auditAdvisory","data":{"resolution":{"id":612,"path":"@babel/cli>chokidar>fsevents>node-pre-gyp>rc>deep-extend","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"0.4.2","paths":["@babel/cli>chokidar>fsevents>node-pre-gyp>rc>deep-extend","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-gifsicle>gifsicle>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-jpegtran>jpegtran-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-build>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-optipng>optipng-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","imagemin-webpack-plugin>imagemin-pngquant>pngquant-bin>bin-wrapper>download>caw>get-proxy>rc>deep-extend","webpack>watchpack>chokidar>fsevents>node-pre-gyp>rc>deep-extend"],"dev":false,"optional":false,"bundled":false}],"id":612,"created":"2018-04-24T23:13:13.134Z","updated":"2018-05-08T01:46:15.050Z","deleted":null,"title":"Prototype Pollution","found_by":{"name":"Olivier Arteau (HoLyVieR)"},"reported_by":{"name":"Olivier Arteau 
(HoLyVieR)"},"module_name":"deep-extend","cves":[],"vulnerable_versions":"<=0.5.0","patched_versions":">=0.5.1","overview":"Versions of `deep-extend` before 0.5.1 are vulnerable to prototype pollution.","recommendation":"Update to version 0.5.1 or later.","references":"- [HackerOne Report](https://hackerone.com/reports/311333)","access":"public","severity":"low","cwe":"CWE-471","metadata":{"module_type":"","exploitability":2,"affected_components":""},"url":"https://npmjs.com/advisories/612"}}} {"type":"auditAdvisory","data":{"resolution":{"id":534,"path":"axios>follow-redirects>debug","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"2.6.1","paths":["axios>follow-redirects>debug","@babel/cli>chokidar>anymatch>micromatch>braces>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>extglob>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","@babel/cli>chokidar>anymatch>micromatch>snapdragon>debug","@babel/cli>chokidar>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","je
st>jest-cli>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runne
r>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest
-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runner>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-config>babel-jest>babel-plugin-istanbul>test-exclude>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>expand-b
rackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>anymatch>micromatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>braces>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>expand-brackets>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>extglob>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>nanomatch>snapdragon>debug","jest>jest-cli>jest-runtime>jest-haste-map>sane>micromatch>snapdragon>debug","webpack>micromatch>braces>snapdragon>debug","webpack>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>micromatch>extglob>snapdragon>debug","webpack>micromatch>nanomatch>snapdragon>debug","webpack>micromatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>braces>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>expand-brackets>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>extglob>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>nanomatch>snapdragon>debug","webpack>watchpack>chokidar>anymatch>micromatch>snapdragon>debug","webpack>watchpack>chokidar>braces>snapdragon>debug"],"dev":false,"optional":false,"bundled":false}],"id":534,"created":"2017-09-25T18:55:55.956Z","updated":"2018-05-16T19:37:43.686Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"name":"Cristian-Alexandru Staicu"},"reported_by":{"name":"Cristian-Alexandru Staicu"},"module_name":"debug","cves":["CVE-2017-16137"],"vulnerable_versions":"<= 2.6.8 || >= 3.0.0 <= 3.0.1","patched_versions":">= 2.6.9 < 3.0.0 || >= 3.1.0","overview":"Affected versions of `debug` are vulnerable to regular expression denial of service when untrusted user input is passed into the `o` 
formatter. \n\nAs it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue.","recommendation":"Version 2.x.x: Update to version 2.6.9 or later.\nVersion 3.x.x: Update to version 3.1.0 or later.\n","references":"- [Issue #501](https://github.com/visionmedia/debug/issues/501)\n- [PR #504](https://github.com/visionmedia/debug/pull/504)","access":"public","severity":"low","cwe":"CWE-400","metadata":{"module_type":"","exploitability":5,"affected_components":""},"url":"https://npmjs.com/advisories/534"}}} {"type":"auditSummary","data":{"vulnerabilities":{"info":0,"low":396,"moderate":170,"high":15,"critical":2},"dependencies":46494,"devDependencies":0,"optionalDependencies":0,"totalDependencies":46494}}