Open RobertMickleCx opened 1 year ago
Vulnerable Package issue exists @ Npm-lodash-4.17.20 in branch master
lodash and lodash-es prior to 4.17.21 are vulnerable to Command Injection via the "template" function.
Namespace: RobertMickleCx Repository: NodeGoat Repository Url: https://github.com/RobertMickleCx/NodeGoat CxAST-Project: RobertMickleCx/NodeGoat CxAST platform scan: 421abb05-2701-4c6b-8cb3-89f91b91b3aa Branch: master Application: NodeGoat Severity: HIGH State: NOT_IGNORED Status: RECURRENT CWE: CWE-77
Additional Info Attack vector: NETWORK Attack complexity: LOW Confidentiality impact: HIGH Availability impact: HIGH Remediation Upgrade Recommendation: 4.17.21
References Advisory Pull request Commit Disclosure
Vulnerable Package issue exists @ Npm-lodash-4.17.20 in branch master
lodash and lodash-es prior to 4.17.21 are vulnerable to Command Injection via the "template" function.
Namespace: RobertMickleCx Repository: NodeGoat Repository Url: https://github.com/RobertMickleCx/NodeGoat CxAST-Project: RobertMickleCx/NodeGoat CxAST platform scan: 421abb05-2701-4c6b-8cb3-89f91b91b3aa Branch: master Application: NodeGoat Severity: HIGH State: NOT_IGNORED Status: RECURRENT CWE: CWE-77
Additional Info Attack vector: NETWORK Attack complexity: LOW Confidentiality impact: HIGH Availability impact: HIGH Remediation Upgrade Recommendation: 4.17.21
References Advisory Pull request Commit Disclosure