[Snyk] Upgrade underscore from 1.9.1 to 1.13.1

[snyk-bot]

Snyk has created this PR to upgrade underscore from 1.9.1 to 1.13.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 13 versions ahead of your current version.
• The recommended version was released 6 months ago, on 2021-04-15.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-NORMALIZEURL-1296539	375/1000 Why? CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-INI-1048974	375/1000 Why? CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-AWSSDK-1059424	375/1000 Why? CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	375/1000 Why? CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	375/1000 Why? CVSS 7.5	Proof of Concept
	Arbitrary Code Injection SNYK-JS-UNDERSCORE-1080984	375/1000 Why? CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	375/1000 Why? CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: underscore

• 1.13.1 - 2021-04-15
• 1.13.0 - 2021-04-09
• 1.13.0-3 - 2021-03-31
• 1.13.0-2 - 2021-03-15
• 1.13.0-1 - 2021-03-11
• 1.13.0-0 - 2021-03-10
• 1.12.1 - 2021-03-15
• 1.12.0 - 2020-11-24
• 1.11.0 - 2020-08-28
• 1.10.2 - 2020-03-30
• 1.10.1 - 2020-03-30
• 1.10.0 - 2020-03-30
• 1.9.2 - 2020-01-06
• 1.9.1 - 2018-05-31

from underscore GitHub release notes

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs