Lodash: >> Lodash >> 4.17.17 Security Vulnerabilities
Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.
CVSS Score
7.2
EPSS Score
0.009
Published
2021-02-15
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.
CVSS Score
5.3
EPSS Score
0.002
Published
2021-02-15
Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.
CVSS Score
7.4
EPSS Score
0.024
Published
2020-07-15