CVE-2020-8203 @ Npm-lodash-4.17.11 #64

Yoavast · 2023-02-27T10:51:47Z

Checkmarx (SCA): Vulnerable Package
Vulnerability: Read More about CVE-2020-8203
Applications: yael's application
Checkmarx Project: Yoavast/CX-AST
Repository URL: https://github.com/Yoavast/CX-AST
Branch: main
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
Scan ID: b70b7227-90db-4075-88cb-4c196077be97

Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.

Additional Info
Attack vector: NETWORK
Attack complexity: HIGH
Confidentiality impact: NONE
Availability impact: HIGH
Remediation Upgrade Recommendation: 4.17.21

Yoavast added SCA project:Yoavast/CX-AST and removed CxSCA labels Aug 28, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2020-8203 @ Npm-lodash-4.17.11 #64

CVE-2020-8203 @ Npm-lodash-4.17.11 #64

Yoavast commented Feb 27, 2023 •

edited

Loading

CVE-2020-8203 @ Npm-lodash-4.17.11 #64

CVE-2020-8203 @ Npm-lodash-4.17.11 #64

Comments

Yoavast commented Feb 27, 2023 • edited Loading

Yoavast commented Feb 27, 2023 •

edited

Loading