CPE-98B4AECD-161E-4E63-BEC0-89213EA75BFA Detail

CPE Details

lodash 4.17.11 for Node.js

Vendor

lodash

Product

lodash

Version

4.17.11

Created

2019-07-02
12h34 +00:00

Modified

2019-07-02
12h34 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:lodash:lodash:4.17.11:::::node.js::

Informations

Vendor

lodash

Product

lodash

Version

4.17.11

Target Software

node.js

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2021-23337	2021-02-15 12h15 +00:00	Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.	7.2	High
CVE-2020-28500	2021-02-15 11h10 +00:00	Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.	5.3	Medium
CVE-2020-8203	2020-07-15 14h10 +00:00	Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.	7.4	High
CVE-2019-10744	2019-07-25 21h43 +00:00	Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.	9.1	Critical

lodash 4.17.11 for Node.js

CPE Details

CPE Name: cpe:2.3:a:lodash:lodash:4.17.11:*:*:*:*:node.js:*:*

Informations

Vendor

Product

Version

Target Software

Related CVE

CPE Name: cpe:2.3:a:lodash:lodash:4.17.11:::::node.js::