Commitizen requires a vulnerable version of lodash #1011
Description
CVE-2025-13465 describes a moderate severity vulnerability which affects Lodash versions 4.0.0 through 4.17.22.
The latest version of Commitizen requires a pinned version 4.17.21 of Lodash, which is vulnerable. This should be updated to the patched version 4.17.23.