Description
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.
Remediation
References
Related Vulnerabilities
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5480)
Artifactory Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-46687)
WordPress Plugin AdPlugg WordPress Ad Cross-Site Scripting (1.1.33)
Joomla! Core 1.7.0 Cross-Site Scripting (1.7.0)
IBM WebSEAL Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-4661)