Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2019-1010266

Published: 17/07/2019 Updated: 30/09/2020
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Subscribe to Lodash

Vulnerability Summary

lodash before 4.17.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very long strings, which the library attempts to match using a regular expression. The fixed version is: 4.17.11.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

lodash lodash

Github Repositories

https://github.com/endorama/CsvToL10nJson

Convert a performatted CSV file to multiple valid localization files

Archive project with security advisory in dependencies This project has not been used for a long time and is not currently maintaned There are 2 security issues in dependecies: csv-parse CVE-2019-17592 lodash CVE-2019-1010266 CVE-2019-10744 CVE-2018-16487 CsvToL10nJson Convert a performatted CSV file to multiple valid localization files This module converts a single CSV file

References

CWE-770https://github.com/lodash/lodash/issues/3359https://snyk.io/vuln/SNYK-JS-LODASH-73639https://github.com/lodash/lodash/wiki/Changeloghttps://security.netapp.com/advisory/ntap-20190919-0004/https://nvd.nist.govhttps://github.com/endorama/CsvToL10nJson
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook