VYPR

apk package

wolfi/npm-lodash

pkg:apk/wolfi/npm-lodash

Vulnerabilities (1)

  • CVE-2025-13465MedJan 21, 2026
    affected < 4.17.23-r0fixed 4.17.23-r0

    Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes. The issue permits deletion of properties but does not allow overwritin