Oracle: >> Communications Cloud Native Core Policy >> 1.11.0 Security Vulnerabilities
Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.
CVSS Score
7.2
EPSS Score
0.003
Published
2021-02-15
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.
CVSS Score
5.3
EPSS Score
0.001
Published
2021-02-15
Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.
CVSS Score
7.4
EPSS Score
0.02
Published
2020-07-15