漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Prototype Pollution Vulnerability in Lodash _.unset and _.omit functions
Vulnerability Description
Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes. The issue permits deletion of properties but does not allow overwriting their original behavior. This issue is patched on 4.17.23
CVSS Information
N/A
Vulnerability Type
CWE-1321
Vulnerability Title
lodash 安全漏洞
Vulnerability Description
lodash是Lodash Utilities开源的一个JavaScript实用程序库。 lodash 4.17.22及之前版本存在安全漏洞,该漏洞源于_.unset和_.omit函数存在原型污染,可能导致攻击者删除全局原型的方法。
CVSS Information
N/A
Vulnerability Type
N/A