Vulnerabilities > CVE-2020-28500

047910
CVSS 5.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
LOW
network
low complexity
lodash
oracle
siemens

Summary

Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.

Vulnerable Configurations

Part Description Count
Application
Lodash
195
Application
Oracle
68
Application
Siemens
3

References