4.17.21
9 years ago
3 years ago
Known vulnerabilities in the lodash-es package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Code Injection via PoC
How to fix Code Injection? Upgrade | <4.17.21 |
Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the POC
How to fix Regular Expression Denial of Service (ReDoS)? Upgrade | <4.17.21 |
Affected versions of this package are vulnerable to Prototype Pollution via the How to fix Prototype Pollution? Upgrade | <4.17.20 |
Affected versions of this package are vulnerable to Prototype Pollution. The function How to fix Prototype Pollution? Upgrade | >=4.1.0 <4.17.20 |
Affected versions of this package are vulnerable to Prototype Pollution. The function How to fix Prototype Pollution? Upgrade | <4.17.12 |
Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). It parses dates using regex strings, which may cause a slowdown of 2 seconds per 50k characters. How to fix Regular Expression Denial of Service (ReDoS)? Upgrade | <4.17.11 |
Affected versions of this package are vulnerable to Prototype Pollution. The functions How to fix Prototype Pollution? Upgrade | <4.17.11 |
Affected versions of this package are vulnerable to Prototype Pollution. The utilities function allow modification of the How to fix Prototype Pollution? Upgrade | <4.17.5 |