Description
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.
Remediation
References
Related Vulnerabilities
WordPress Plugin Bind Users to Taxonomy Cross-Site Scripting (0.3)
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17309)
WordPress Plugin LearnPress-WordPress LMS SQL Injection (3.2.6.7)
WordPress Plugin YITH WooCommerce Ajax Search Unspecified Vulnerability (1.2.7)
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-0796)