Skip to content

Upgraded lodash & axios to 4.18.1 & 1.15.0 due to vulnerabilities#672

Merged
1000TurquoisePogs merged 2 commits intov2.x/stagingfrom
zhou/upgrade-axios
Apr 17, 2026
Merged

Upgraded lodash & axios to 4.18.1 & 1.15.0 due to vulnerabilities#672
1000TurquoisePogs merged 2 commits intov2.x/stagingfrom
zhou/upgrade-axios

Conversation

@ChongZhou-Broadcom
Copy link
Copy Markdown
Contributor

@ChongZhou-Broadcom ChongZhou-Broadcom commented Apr 13, 2026
edited
Loading

BlackDuck reported the following security vulnerabilities:

dependency current version issue upgrade to version
lodash 4.17.23 CVE-2026-4800 4.18.1
axios 1.13.6 CVE-2026-40175 1.15.0

@github-project-automation github-project-automation bot moved this to Ready for Review in WebUI planning board Apr 13, 2026
@ChongZhou-Broadcom
Upgraded axios from 1.13.6 to 1.150.0 due to CVE-2026-40175
28eaa40 
Upgraded lodash from 4.17.23 to 4.18.1 due to CVE-2026-4800

Signed-off-by: ch.zhou <chong.zhou@broadcom.com>
@ChongZhou-Broadcom ChongZhou-Broadcom changed the title Upgraded axios from 1.13.6 to 1.15.0 due to CVE-2026-40175 Upgraded lodash & axios to 4.18.1 & 1.15.0 due to vulnerabilities Apr 17, 2026
@github-project-automation github-project-automation bot moved this from Ready for Review to Merge Ready in WebUI planning board Apr 17, 2026
@1000TurquoisePogs 1000TurquoisePogs merged commit 17af306 into v2.x/staging Apr 17, 2026
4 of 5 checks passed
@github-project-automation github-project-automation bot moved this from Merge Ready to Closed in WebUI planning board Apr 17, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@1000TurquoisePogs 1000TurquoisePogs 1000TurquoisePogs approved these changes

Assignees

No one assigned

Labels

size/XS

Projects

WebUI planning board
Status: Closed

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ChongZhou-Broadcom @1000TurquoisePogs