Description
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.
Remediation
Upgrade Lodash to version 4.17.21 or later.