Description Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20. Remediation References CVE-2020-8203 Related Vulnerabilities Apache HTTP Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4558) MySQL CVE-2018-3283 Vulnerability (CVE-2018-3283) Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4309) Apache Tomcat Data Processing Errors Vulnerability (CVE-2014-0227) ReviveAdserver Deserialization of Untrusted Data Vulnerability (CVE-2017-5830) Severity High Classification CVE-2020-8203 CWE-1321 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H Tags Missing Update Known Vulnerabilities