Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.
History

Sun, 08 Sep 2024 18:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:acm:2.2::el7

Mon, 19 Aug 2024 22:15:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:acm:2.2::el7
cpe:/a:redhat:acm:2.2::el8

cve-icon MITRE

Status: PUBLISHED

Assigner: snyk

Published: 2021-02-15T11:10:16.225227Z

Updated: 2024-09-16T22:15:52.206Z

Reserved: 2020-11-12T00:00:00

Link: CVE-2020-28500

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-02-15T11:15:12.397

Modified: 2024-11-21T05:22:55.053

Link: CVE-2020-28500

cve-icon Redhat

Severity : Moderate

Publid Date: 2021-02-15T00:00:00Z

Links: CVE-2020-28500 - Bugzilla