[Snyk] Upgrade: autocannon, consul, forever, nanoid, portfinder

[WontonSam]

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

Name	Versions	Released on

autocannon
from 5.0.1 to 7.15.0 | 31 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 7 months ago
on 2024-02-09
consul
from 0.37.0 to 1.2.0 | 7 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 2 years ago
on 2022-12-15
forever
from 3.0.0 to 4.0.3 | 8 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 3 years ago
on 2022-01-28
nanoid
from 3.1.10 to 5.0.7 | 42 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 5 months ago
on 2024-04-07
portfinder
from 1.0.26 to 1.0.32 | 6 versions ahead of your current version | 2 years ago
on 2022-08-13

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	45	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	45	Proof of Concept
	Prototype Pollution SNYK-JS-ASYNC-2441827	45	Proof of Concept
	Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	45	Proof of Concept
	Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137	45	Proof of Concept
	Prototype Pollution SNYK-JS-INI-1048974	45	Proof of Concept
	Code Injection SNYK-JS-LODASH-1040724	45	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-567746	45	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-608086	45	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-6139239	45	Proof of Concept
	Prototype Pollution SNYK-JS-Y18N-1021887	45	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-I-1726768	45	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	45	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	45	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	45	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	45	No Known Exploit
	Information Exposure SNYK-JS-NANOID-2332193	45	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	45	No Known Exploit
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	45	Proof of Concept

Release notes

Package name: autocannon

• 7.15.0 - 2024-02-09
  

  What's Changed

  • doc: adjust alignement by @ RafaelGSS in #501
  • Add just icon logos by @ Zeko369 in #504
  • allow only one host header by @ cberescu in #507

  New Contributors

  • @ Zeko369 made their first contribution in #504
  • @ cberescu made their first contribution in #507

  Full Changelog: v7.14.0...v7.15.0

• 7.14.0 - 2023-11-23
  

  What's Changed

  • improve string output for Req/Sec by @ rluvaton in #498
  • Add Node 20 to the test matrix by @ kibertoad in #491
  • docs(readme): Add missing result param by @ rozzilla in #499
  • lib: add verbose option by @ RafaelGSS in #500

  New Contributors

  • @ rluvaton made their first contribution in #498
  • @ kibertoad made their first contribution in #491
  • @ rozzilla made their first contribution in #499

  Full Changelog: v7.12.0...v7.14.0

• 7.12.0 - 2023-08-04
  

  What's Changed

  • Resolve issue #493 by @ jsumners in #494

  New Contributors

  • @ jsumners made their first contribution in #494

  Full Changelog: v7.11.0...v7.12.0

• 7.11.0 - 2023-05-03
  

  What's Changed

  • doc: change recomendation to wrk2 instead wrk by @ RafaelGSS in #469
  • chore(deps-dev): bump bl from 5.1.0 to 6.0.0 by @ dependabot in #470
  • chore(deps-dev): bump sinon from 14.0.2 to 15.0.0 by @ dependabot in #475
  • Add missing param docs. Fuller docs on worker mode by @ milesnash in #484
  • fix Cannot access 'connection' before initialization by @ moty66 in #486
  • Defer aggregating results until after the instance returns to allow multi-instance load tests by @ milesnash in #488

  New Contributors

  • @ milesnash made their first contribution in #484
  • @ moty66 made their first contribution in #486

  Full Changelog: v7.10.0...v7.11.0

• 7.10.0 - 2022-09-23
  

  What's Changed

  • chore(deps-dev): bump sinon from 13.0.2 to 14.0.0 by @ dependabot in #449
  • chore(deps): bump actions/setup-node from 3.1.1 to 3.2.0 by @ dependabot in #450
  • chore(deps): bump actions/setup-node from 3.2.0 to 3.3.0 by @ dependabot in #452
  • fix: Sync --help output with README by @ silverwind in #453
  • chore(deps): bump actions/setup-node from 3.3.0 to 3.4.0 by @ dependabot in #455
  • chore(test): remove metadata from j5 image by @ Fdawgs in #460
  • ci!: update workflow by @ Fdawgs in #454
  • fix verifyBody documentation by @ madflow in #461
  • Accept host header case-insensitively by @ silverwind in #463

  New Contributors

  • @ madflow made their first contribution in #461

  Full Changelog: v7.9.0...v7.10.0

• 7.9.0 - 2022-05-04
  

  What's Changed

  • ci: reduce job permissions to minimum by @ Fdawgs in #447
  • feat: add verifyBody to customize the mismatch rules for response body by @ GuanyuChen in #443
  • build(deps-dev): bump standard from 16.0.4 to 17.0.0 by @ Fdawgs in #448
  • chore(deps): bump actions/setup-node from 3.0.0 to 3.1.1 by @ dependabot in #441
  • chore(deps): bump fastify/github-action-merge-dependabot from 2.7.1 to 3.0.2 by @ dependabot in #412

  New Contributors

  • @ GuanyuChen made their first contribution in #443

  Full Changelog: v7.8.1...v7.9.0

• 7.8.1 - 2022-03-29
  

  What's Changed

  • fix: printing of result when interrupted by @ claudio-di-sciacca in #438

  New Contributors

  • @ claudio-di-sciacca made their first contribution in #438

  Full Changelog: v7.8.0...v7.8.1

• 7.8.0 - 2022-03-24
  

  What's Changed

  • Add cli options to pass cert information by @ chiragpat in #437

  Full Changelog: v7.7.2...v7.8.0

• 7.7.2 - 2022-03-19
  

  What's Changed

  • update: use sample interval default 1000 by @ RafaelGSS in #436

  Full Changelog: v7.7.1...v7.7.2

• 7.7.1 - 2022-03-16
  

  What's Changed

  • chore(deps): bump actions/setup-node from 2.5.1 to 3.0.0 by @ dependabot in #428
  • chore(deps): bump actions/checkout from 2 to 3 by @ dependabot in #429
  • chore(deps-dev): bump tap from 15.2.3 to 16.0.0 by @ dependabot in #430
  • Fixes #432 - Updating to only load the help text when required by @ klcodanr in #435

  New Contributors

  • @ klcodanr made their first contribution in #435

  Full Changelog: v7.7.0...v7.7.1

• 7.7.0 - 2022-02-22
• 7.6.0 - 2022-01-12
• 7.5.1 - 2021-12-23
• 7.5.0 - 2021-10-15
• 7.4.0 - 2021-07-08
• 7.3.0 - 2021-05-07
• 7.2.0 - 2021-04-16
• 7.1.0 - 2021-04-15
• 7.0.5 - 2021-03-03
• 7.0.4 - 2021-02-17
• 7.0.3 - 2021-01-21
• 7.0.2 - 2021-01-20
• 7.0.1 - 2020-12-18
• 7.0.0 - 2020-12-08
• 6.5.0 - 2020-09-30
• 6.4.0 - 2020-09-15
• 6.3.0 - 2020-09-10
• 6.2.0 - 2020-09-09
• 6.1.0 - 2020-08-21
• 6.0.0 - 2020-08-06
• 5.1.0 - 2020-07-28
• 5.0.1 - 2020-06-09

from autocannon GitHub release notes

Package name: consul

• 1.2.0 - 2022-12-15
  

  What's Changed

  • Handle backwards/zero index in watch by @ silas in #136

  Full Changelog: 1.1.0...1.2.0

• 1.1.0 - 2022-10-07
  

  Version 1.1.0

• 1.0.1 - 2022-08-28
  

  Version 1.0.1

• 1.0.0 - 2022-08-16
  

  Release 1.0.0 (#125)

• 0.40.0 - 2021-02-16
  

  Version 0.40.0

• 0.39.0 - 2020-10-20
  

  Version 0.39.0

• 0.38.0 - 2020-10-04
  

  Version 0.38.0

• 0.37.0 - 2020-01-05

from consul GitHub release notes

Package name: forever

• 4.0.3 - 2022-01-28
• 4.0.2 - 2022-01-10
• 4.0.1 - 2021-06-12
• 4.0.0 - 2021-06-01
  
  • [security] Replace nconf with configstore [#1112]
  • [security] Replace yargs with getopts [#1110]

  No changes should be needed for migration, but considering the library switch, this is marked as a semver-major to be on a safe side.

• 3.0.4 - 2020-11-21
• 3.0.3 - 2020-11-21
• 3.0.2 - 2020-08-22
• 3.0.1 - 2020-08-22
  

  Replace optimist with yargs

• 3.0.0 - 2020-05-22
  No content.

from forever GitHub release notes

Package name: nanoid

• 5.0.7 - 2024-04-07
  
  • Fixed Parcel support (by @ WilhelmYakunin).
• 5.0.6 - 2024-02-20
  
  • Fixed React Native support.
• 5.0.5 - 2024-02-01
  

  5.0.5

• 5.0.4 - 2023-12-02
  

  5.0.4

• 5.0.3 - 2023-11-06
  

  5.0.3

• 5.0.2 - 2023-10-15
  

  5.0.2

• 5.0.1 - 2023-09-12
  

  5.0.1

• 5.0.0 - 2023-09-12
  

  5.0

• 4.0.2 - 2023-03-26
  

  4.0.2

• 4.0.1 - 2023-02-05
• 4.0.0 - 2022-06-08
• 3.3.7 - 2023-11-06
  

  3.3.7

• 3.3.6 - 2023-03-26
• 3.3.5 - 2023-03-26
• 3.3.4 - 2022-05-03
• 3.3.3 - 2022-04-18
• 3.3.2 - 2022-03-28
• 3.3.1 - 2022-02-16
• 3.3.0 - 2022-02-14
• 3.2.0 - 2022-01-16
• 3.1.32 - 2022-01-12
• 3.1.31 - 2022-01-11
• 3.1.30 - 2021-10-13
• 3.1.29 - 2021-10-05
• 3.1.28 - 2021-09-26
• 3.1.27 - 2021-09-26
• 3.1.26 - 2021-09-26
• 3.1.25 - 2021-08-12
• 3.1.24 - 2021-08-11
• 3.1.23 - 2021-05-10
• 3.1.22 - 2021-03-15
• 3.1.21 - 2021-03-11
• 3.1.20 - 2020-12-01
• 3.1.19 - 2020-12-01
• 3.1.18 - 2020-11-20
• 3.1.17 - 2020-11-20
• 3.1.16 - 2020-10-26
• 3.1.15 - 2020-10-23
• 3.1.14 - 2020-10-23
• 3.1.13 - 2020-10-21
• 3.1.12 - 2020-07-29
• 3.1.11 - 2020-07-27
• 3.1.10 - 2020-06-13

from nanoid GitHub release notes

Package name: portfinder

• 1.0.32 - 2022-08-13
  No content.
• 1.0.31 - 2022-08-13
  No content.
• 1.0.30 - 2022-08-13
  No content.
• 1.0.29 - 2022-08-06
  No content.
• 1.0.28 - 2020-07-29
  

  Fix #108 - Bumping up mkdirp version to 0.5.5 (contributed by @ LostInBrittany)

• 1.0.27 - 2020-07-20
  No content.
• 1.0.26 - 2020-04-28
  No content.

from portfinder GitHub release notes

---

Important

• Warning: This PR contains a major version upgrade, and may be a breaking change.
• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"autocannon","from":"5.0.1","to":"7.15.0"},{"name":"consul","from":"0.37.0","to":"1.2.0"},{"name":"forever","from":"3.0.0","to":"4.0.3"},{"name":"nanoid","from":"3.1.10","to":"5.0.7"},{"name":"portfinder","from":"1.0.26","to":"1.0.32"}],"env":"prod","hasFixes":true,"isBreakingChange":true,"isMajorUpgrade":true,"issuesToFix":[{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ANSIREGEX-1583908","issue_id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ANSIREGEX-1583908","issue_id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ASYNC-2441827","issue_id":"SNYK-JS-ASYNC-2441827","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.0017},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Apr 07 2022 14:22:18 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.64},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-DECODEURICOMPONENT-3149970","issue_id":"SNYK-JS-DECODEURICOMPONENT-3149970","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00382},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Nov 28 2022 16:12:34 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-FOLLOWREDIRECTS-6141137","issue_id":"SNYK-JS-FOLLOWREDIRECTS-6141137","priority_score":158,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00051},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Jan 01 2024 15:19:32 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.62},{"name":"likelihood","value":2.81},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Improper Input Validation"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-INI-1048974","issue_id":"SNYK-JS-INI-1048974","priority_score":151,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01218},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Dec 10 2020 18:08:38 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.62},{"name":"likelihood","value":2.67},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-LODASH-1040724","issue_id":"SNYK-JS-LODASH-1040724","priority_score":239,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"high"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00858},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Feb 15 2021 11:50:50 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":9.79},{"name":"likelihood","value":2.44},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Code Injection"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-LODASH-567746","issue_id":"SNYK-JS-LODASH-567746","priority_score":189,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"low"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01667},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Apr 28 2020 14:59:14 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":7.03},{"name":"likelihood","value":2.68},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-LODASH-608086","issue_id":"SNYK-JS-LODASH-608086","priority_score":150,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01055},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Fri Aug 21 2020 12:53:03 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.62},{"name":"likelihood","value":2.67},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-LODASH-6139239","issue_id":"SNYK-JS-LODASH-6139239","priority_score":170,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attack...

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.