VIR Vulnerability Intelligence Relay

Package impact

npm npm / lodash.defaultsdeep

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2019-10744 unknown 7y ago Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor pay… debianrubynpm