Description Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20. Remediation References CVE-2020-8203 Related Vulnerabilities WordPress Ultimate Member Plugin Other Vulnerability (CVE-2022-3384) Varnish Cache Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-8807) WordPress Plugin WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) Security Bypass (7.6.4) Oracle HTTP Server Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2022-0391) Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-20612) Severity High Classification CVE-2020-8203 CWE-1321 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H Tags Missing Update Known Vulnerabilities