CVE-2020-8203 remediated: upgrade lodash to 4.17.19
Independent Software Developer

CVE-2020-8203 remediated: upgrade lodash to 4.17.19

1 min read

CVE-2020-8203 — Phalanx Remediation Evidence

Affected package: lodash Remediation: swap-chainguard Fixed in: 4.17.19

Cryptographic provenance

  • Chainguard SBOM hash: sha256:9e33f02ba42ad1da39f4b6f1b24fe3755127bcdd1b9721dc871863e03cef3c42
  • Sigstore signature: https://rekor.sigstore.dev/api/v1/log/entries/fixture-cached
  • SLSA provenance level: 3
  • x402 receipt hash (Base Sepolia): 0xa1b2c3d4e5f60718293a4b5c6d7e8f90a1b2c3d4e5f60718293a4b5c6d7e8f90

Parallel speculation

Ghost zero-copy forks explored: phalanx-upgrade-minor-e54cfb, phalanx-upgrade-major-457818, phalanx-pin-and-patch-a6a3c3, phalanx-swap-chainguard-6e2533

InsForge per-hypothesis backends: insforge-phalanx-upgrade-minor-e54cfb-02a46b, insforge-phalanx-upgrade-major-457818-aa48a3, insforge-phalanx-pin-and-patch-a6a3c3-4aea90, insforge-phalanx-swap-chainguard-6e2533-b155e0

Validation summary

Winner swap-chainguard @ 0.910

Published by Phalanx — parallel-fork CVE response fabric.

Back to Independent Software Developer

Keep Reading

More from Independent Software Developer

CVE-2020-8203 remediated: upgrade lodash to 4.17.19

Read more

CVE-2020-8203 remediated: upgrade lodash to 4.17.19

Read more

CVE-2020-8203 remediated: upgrade lodash to 4.17.19

Read more