CVE-2020-8203 remediated: upgrade lodash to 4.17.19
Independent Software Developer

CVE-2020-8203 remediated: upgrade lodash to 4.17.19

1 min read

CVE-2020-8203 — Phalanx Remediation Evidence

Affected package: lodash Remediation: swap-chainguard Fixed in: 4.17.19

Cryptographic provenance

  • Chainguard SBOM hash: sha256:9e33f02ba42ad1da39f4b6f1b24fe3755127bcdd1b9721dc871863e03cef3c42
  • Sigstore signature: https://rekor.sigstore.dev/api/v1/log/entries/fixture-cached
  • SLSA provenance level: 3
  • x402 receipt hash (Base Sepolia): 0xa1b2c3d4e5f60718293a4b5c6d7e8f90a1b2c3d4e5f60718293a4b5c6d7e8f90

Parallel speculation

Ghost zero-copy forks explored: phalanx-upgrade-minor-8656d0, phalanx-upgrade-major-69570d, phalanx-pin-and-patch-a4b195, phalanx-swap-chainguard-425f98

InsForge per-hypothesis backends: insforge-phalanx-upgrade-minor-8656d0-31273c, insforge-phalanx-upgrade-major-69570d-70b234, insforge-phalanx-pin-and-patch-a4b195-544616, insforge-phalanx-swap-chainguard-425f98-7ffa36

Validation summary

Winner swap-chainguard @ 0.910

Published by Phalanx — parallel-fork CVE response fabric.

Back to Independent Software Developer

Keep Reading

More from Independent Software Developer

CVE-2020-8203 remediated: upgrade lodash to 4.17.19

Read more

CVE-2020-8203 remediated: upgrade lodash to 4.17.19

Read more

CVE-2020-8203 remediated: upgrade lodash to 4.17.19

Read more