Cx0b414307-5d4b @ Npm-lodash-4.17.11

**Vulnerable Package** issue exists @ **Npm\-lodash\-4\.17\.11** in branch **main**

Prototype Pollution vulnerability in lodash before 4.17.19.

**Namespace:** James-AST
**Repository:** msft
**Repository Url:** https://github.com/James-AST/msft
**CxAST\-Project:** James-AST/msft
**CxAST platform scan:** [d217bf9e\-499c\-4ae8\-a115\-08b6cd62b182](https://ast.checkmarx.net/projects/fada48c7-0c49-472a-994a-763d8a847895/scans?id=d217bf9e-499c-4ae8-a115-08b6cd62b182&branch=main)
**Branch:** main
**Application:** msft
**Severity:** HIGH
**State:** NOT_IGNORED
**Status:** RECURRENT
**CWE:** CWE-1321


----
**Addition Info**
**Attack vector:** NETWORK
**Attack complexity:** LOW
**Confidentiality impact:** LOW
**Availability impact:** LOW
**Remediation Upgrade Recommendation:** 4.17.21


----
**References**
[Disclosure](https://hackerone.com/reports/864701)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Cx0b414307-5d4b @ Npm-lodash-4.17.11 #57

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Cx0b414307-5d4b @ Npm-lodash-4.17.11 #57

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions