Lodash Rolls Out Major Security Overhaul | OpenJS Foundation
With the release of Lodash 4.17.23 and the publication of CVE-2025-134655, the project is making visible progress in strengthening its security posture. Lodash remains a quiet but essential part of the JavaScript ecosystem that is deeply embedded in frameworks, build systems, and production applications across the web. With the release of Lodash 4.17.23 and the publication of CVE-2025-134655, the
Release Release v0.28.0 · axios/axios
Release notes: Bug Fixes fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091) Backports from v1.x: Allow null indexes on formSerializer and paramsSerializer v0.x (#4961) Fixing content-type header repeated #4745 Fixed timeout error message for HTTP 4738 Added axios.formToJSON method (#4735) URL params serializer (#4734) Fixed toFormData Blob issue on node>v17 #47
GitHub - endojs/endo: Endo is a distributed secure JavaScript sandbox, based on SES
Endo is a framework for powerful JavaScript plugin systems and supply chain attack resistance. Endo includes tools for confinement, communication, and concurrency. With Endo’s SES implementation of HardenedJS, we can opt-in to a more tamper-resistant mode of JavaScript. With Endo’s Eventual Send, we have a safe, transport-agnostic abstraction for pipelining messages to remote procedures, and concr
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
Release 4.18.0 · lodash/lodash
GitHub - nyariv/SandboxJS: Safe eval runtime
CVE-2022-46175 - GitHub Advisory Database
GitHub - LavaMoat/snow: Use Snow to finally secure your web app's same origin realms!
GitHub - gzuidhof/coi-serviceworker: Cross-origin isolation (COOP and COEP) through a service worker for situations in which you can't control the headers (e.g. GH pages)
GitHub - Shopify/remote-dom
Hostname spoofing via backslashes in URL
CVE-2022-0639 - GitHub Advisory Database
GitHub - google/safevalues
Release 8.9.2 · mermaid-js/mermaid
GitHub - serain/netmap.js: Fast browser-based network discovery module
GitHub - bishkou/password-pwnd: Npm package to check if the user's password has been leaked before in previous breaches using HIBP API
Sandbox Escape · Issue #19 · hacksparrow/safe-eval
Query SQL Databases using Node.js and TypeScript
Snyk research team discovers severe prototype pollution security vulnerabilities affecting all versions of lodash | Snyk
GitHub - braintree/sanitize-url
Release 3.13.1 · nodeca/js-yaml