Is lodash.update safe to use?

lodash.update has 1 known vulnerabilities on the latest version (4.10.2). DepScope rates its health at 54/100 (high risk).

What is the latest version of lodash.update?

The latest version of lodash.update is 4.10.2, released 2016-08-13.

Yes. lodash.update has 1 known vulnerabilities. See depscope.dev/pkg/npm/lodash.update for details.

No, lodash.update is actively maintained. Latest release: 4.10.2 (2016-08-13).

Popular alternatives to lodash.update in npm include: semver, ansi-styles, debug, minimatch, brace-expansion.

lodash.update is licensed under MIT.

npmv4.10.2

The lodash method `_.update` exported as a module.

License MITpermissive7 versions2 maintainers0 deps8,979 weekly dl

/ 100

Health

update required

[email protected] has vulnerabilities — update to latest

Update to >= 4.17.19 to fix known vulnerabilities

Health breakdown0 – 100

0/25

maintenance

6/20

popularity

20/25

security

15/15

maturity

13/15

community

Vulnerabilities

1 high

Advisories (1)

Severity	ID	Summary	Fixed in
high	CVE-2020-8203	Prototype Pollution in lodash	4.17.19

🌟

7/10typed

Types from @types/lodash.update (DefinitelyTyped)

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/lodash.update