Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:lodash:lodash:4.17.18:*:*:*:*:node.js:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2021-23337 |
Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function. Published: February 15, 2021; 8:15:12 AM -0500 |
V4.0:(not available) V3.1: 7.2 HIGH V2.0: 6.5 MEDIUM |
CVE-2020-28500 |
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions. Published: February 15, 2021; 6:15:12 AM -0500 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2020-8203 |
Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20. Published: July 15, 2020; 1:15:11 PM -0400 |
V4.0:(not available) V3.1: 7.4 HIGH V2.0: 5.8 MEDIUM |