Information on source package node-lodash

Available versions

ReleaseVersion
stretch4.16.6+dfsg-2
buster4.17.11+dfsg-2+deb10u1
bullseye4.17.19+dfsg1-1
sid4.17.19+dfsg1-1

Open issues

BugstretchbusterbullseyesidDescription
CVE-2020-8203vulnerablevulnerable (no DSA)fixedfixedPrototype pollution attack when using _.zipObjectDeep in lodash <= ...
CVE-2019-10744vulnerablefixedfixedfixedVersions of lodash lower than 4.17.12 are vulnerable to Prototype Poll ...

Open unimportant issues

BugstretchbusterbullseyesidDescription
CVE-2019-1010266vulnerablefixedfixedfixedlodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource ...
CVE-2018-3721vulnerablefixedfixedfixedlodash node module before 4.17.5 suffers from a Modification of Assume ...
CVE-2018-16487vulnerablefixedfixedfixedA prototype pollution vulnerability was found in lodash <4.17.11 wh ...

Search for package or bug name: Reporting problems