Skip to content

Update dependency underscore to v1.12.1 #19

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
dev-mend-for-github-com wants to merge 1 commit into
base: main
Choose a base branch
from
+809 −6

Update dependency underscore to v1.12.1

c2a6e5b
Select commit
Loading
Failed to load commit list.
Open

Update dependency underscore to v1.12.1 #19

Update dependency underscore to v1.12.1
c2a6e5b
Select commit
Loading
Failed to load commit list.
Dev - Mend for GitHub.com / Mend Security Check failed Feb 5, 2026 in 6m 13s

Security Report

You have successfully remediated 1 vulnerabilities, but introduced 2 new vulnerabilities in this branch.

❌ New vulnerabilities:

Vulnerability Severity CVSS Score Vulnerable Library Direct Library Suggested Fix Issue
CVE-398484-724968

Path to dependency file: /package.json

Path to vulnerable library: /package.json

Dependency Hierarchy:

-> core-7.23.2.tgz (Root Library)

   -> debug-4.4.3.tgz

     -> ❌ ms-2.1.3.tgz (Vulnerable Library)

Critical 9.8 Transitive ms-2.1.3.tgz core-7.23.2.tgz None
CVE-2025-26791

Path to dependency file: /package.json

Path to vulnerable library: /package.json

Dependency Hierarchy:

-> ❌ dompurify-2.5.8.tgz (Vulnerable Library)

Medium 4.5 Direct dompurify-2.5.8.tgz dompurify-2.5.8.tgz 3.2.4 None

✔️ Remediated vulnerabilities:

Vulnerability Vulnerable Library
CVE-2021-23358 underscore-1.9.1.tgz

Base branch total remaining vulnerabilities: 64
Base branch commit: 696755a3f971b60ea4c27daf8702c5335219b43a


Total libraries scanned: 420

Scan token: 12db8b90e0b0401d80ce05f9bccca28a

View more details on Dev - Mend for GitHub.com