WEB APPLICATION VULNERABILITIES Standard & Premium

Lodash Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2020-8203)

Description

Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.

Remediation

References

Related Vulnerabilities

Oracle JRE CVE-2018-2825 Vulnerability (CVE-2018-2825)

Drupal Other Vulnerability (CVE-2016-3167)

MySQL CVE-2018-3081 Vulnerability (CVE-2018-3081)

e107 Other Vulnerability (CVE-2005-2805)

WordPress Plugin WP-Live Chat by 3CX Multiple Vulnerabilities (4.3.5)

Severity

High

Classification

CVE-2020-8203 CWE-1321 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

Tags

Missing Update Known Vulnerabilities