Information on source package node-lodash

Available versions

ReleaseVersion
jessie2.4.1+dfsg-3
stretch4.16.6+dfsg-2
buster4.17.11+dfsg-2+deb10u1
bullseye4.17.21+dfsg+~cs8.31.173-1
bookworm4.17.21+dfsg+~cs8.31.198.20210220-9
trixie4.17.21+dfsg+~cs8.31.198.20210220-9
sid4.17.21+dfsg+~cs8.31.198.20210220-9

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2021-23337vulnerablevulnerablevulnerable (no DSA)fixedfixedfixedfixedLodash versions prior to 4.17.21 are vulnerable to Command Injection v ...
CVE-2020-28500vulnerablevulnerablevulnerable (no DSA)fixedfixedfixedfixedLodash versions prior to 4.17.21 are vulnerable to Regular Expression ...
CVE-2020-8203vulnerablevulnerablevulnerable (no DSA)fixedfixedfixedfixedPrototype pollution attack when using _.zipObjectDeep in lodash before ...
CVE-2019-10744vulnerablevulnerablefixedfixedfixedfixedfixedVersions of lodash lower than 4.17.12 are vulnerable to Prototype Poll ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2019-1010266vulnerablevulnerablefixedfixedfixedfixedfixedlodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource ...
CVE-2018-16487vulnerablevulnerablefixedfixedfixedfixedfixedA prototype pollution vulnerability was found in lodash <4.17.11 where ...
CVE-2018-3721vulnerablevulnerablefixedfixedfixedfixedfixedlodash node module before 4.17.5 suffers from a Modification of Assume ...

Search for package or bug name: Reporting problems