Skip to content

CVE-2025-13465 Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. #954

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
maximthomas merged 1 commit into from
Jan 27, 2026

Bump lodash to 4.17.23 in openam-ui-api

a480ee7
Select commit
Loading
Failed to load commit list.
Sign in for the full log view
Merged

CVE-2025-13465 Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. #954

Bump lodash to 4.17.23 in openam-ui-api
a480ee7
Select commit
Loading
Failed to load commit list.
build-maven (11, macos-latest)
succeeded Jan 27, 2026 in 27m 32s