From 049078a4461a58e17b9da4de09ed09580697974e Mon Sep 17 00:00:00 2001
From: maximthomas <maxim.thomas@gmail.com>
Date: Tue, 12 May 2026 09:54:07 +0300
Subject: [PATCH] CVE-2025-13465 lodash vulnerable to Prototype Pollution via
 array path bypass in `_.unset` and `_.omit`

---
 openig-ui/package.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/openig-ui/package.json b/openig-ui/package.json
index d3cfa80a..c19ada1d 100644
--- a/openig-ui/package.json
+++ b/openig-ui/package.json
@@ -21,7 +21,7 @@
     "grunt-serve": "0.1.6",
     "grunt-sync": "0.8.1",
     "less-plugin-clean-css": "1.5.1",
-    "lodash": ">=4.17.23",
+    "lodash": ">=4.18.0",
     "requirejs": "2.3.7",
     "es5-ext": "0.10.53"
   },
@@ -34,6 +34,6 @@
     "fresh": ">=0.5.2",
     "send": ">=0.19.0",
     "dot": ">=1.1.3",
-    "lodash": ">=4.17.23"
+    "lodash": ">=4.18.0"
   }
 }