VYPR
High severityNVD Advisory· Published Jul 15, 2020· Updated Aug 4, 2024

CVE-2020-8203

CVE-2020-8203

Description

Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
lodashnpm
>= 3.7.0, < 4.17.194.17.19
lodash-esnpm
>= 3.7.0, < 4.17.204.17.20
lodash.picknpm
>= 4.0.0, <= 4.4.0
lodash.setnpm
>= 3.7.0, <= 4.3.2
lodash.setwithnpm
<= 4.3.2
lodash.updatenpm
<= 4.10.2
lodash.updatewithnpm
<= 4.10.2
lodash-railsRubyGems
>= 3.7.0, < 4.17.194.17.19

Affected products

9

Patches

Vulnerability mechanics

References

17

News mentions

0

No linked articles in our index yet.