EPSS
Percentile
73.8%
lodash is vulnerable to Regular Expression Denial of Service (ReDoS) attacks. The library uses a regular expression that does not properly handle processing a large amount of characters, allowing a malicious user to cause a ReDoS.
github.com/lodash/lodash/issues/3359
github.com/lodash/lodash/pull/3926
github.com/lodash/lodash/wiki/Changelog
security.netapp.com/advisory/ntap-20190919-0004/