Description
Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.
Remediation
References
Related Vulnerabilities
Drupal Core 8.9.0 Cross-Site Request Forgery (8.9.0)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0791)
WordPress Plugin WooCommerce Social Login PHP Object Injection (2.6.2)
WordPress Plugin Vitamin Multiple Arbitrary File Disclosure Vulnerabilities (1.0.0)