Browse Source

REPORT-122294 lodash 低版本安全漏洞

master^2^2
方磊 7 months ago
parent
commit
e4aafdc056
  1. 8
      packages/fineui/src/core/1.lodash.js

8
packages/fineui/src/core/1.lodash.js

@ -14,7 +14,7 @@
var undefined;
/** Used as the semantic version number. */
var VERSION = '4.17.5';
var VERSION = '4.17.21';
/** Used as the size to enable large array optimizations. */
var LARGE_ARRAY_SIZE = 200;
@ -899,7 +899,7 @@
}
/**
* Gets the value at `key`, unless `key` is "__proto__".
* Gets the value at `key`, unless `key` is "__proto__" or "constructor".
*
* @private
* @param {Object} object The object to query.
@ -907,6 +907,10 @@
* @returns {*} Returns the property value.
*/
function safeGet(object, key) {
if (key === 'constructor' && typeof object[key] === 'function') {
return;
}
return key == '__proto__'
? undefined
: object[key];

Loading…
Cancel
Save