Information on source package node-lodash

Available versions

ReleaseVersion
stretch4.16.6+dfsg-2
buster4.17.11+dfsg-2+deb10u1
bullseye4.17.21+dfsg+~cs8.31.173-1
bookworm4.17.21+dfsg+~cs8.31.189.20210220-2
sid4.17.21+dfsg+~cs8.31.189.20210220-2

Open issues

BugstretchbusterbullseyebookwormsidDescription
CVE-2021-23337vulnerablevulnerable (no DSA)fixedfixedfixedLodash versions prior to 4.17.21 are vulnerable to Command Injection v ...
CVE-2020-28500vulnerablevulnerable (no DSA)fixedfixedfixedLodash versions prior to 4.17.21 are vulnerable to Regular Expression ...
CVE-2020-8203vulnerablevulnerable (no DSA)fixedfixedfixedPrototype pollution attack when using _.zipObjectDeep in lodash before ...
CVE-2019-10744vulnerablefixedfixedfixedfixedVersions of lodash lower than 4.17.12 are vulnerable to Prototype Poll ...

Open unimportant issues

BugstretchbusterbullseyebookwormsidDescription
CVE-2019-1010266vulnerablefixedfixedfixedfixedlodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource ...
CVE-2018-16487vulnerablefixedfixedfixedfixedA prototype pollution vulnerability was found in lodash <4.17.11 wh ...
CVE-2018-3721vulnerablefixedfixedfixedfixedlodash node module before 4.17.5 suffers from a Modification of Assume ...

Search for package or bug name: Reporting problems