Filtered by vendor Netapp Subscriptions
Filtered by product System Manager Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-23337 5 Lodash, Netapp, Oracle and 2 more 29 Lodash, Active Iq Unified Manager, Cloud Manager and 26 more 2024-11-21 7.2 High
Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.
CVE-2018-3721 3 Lodash, Netapp, Redhat 4 Lodash, Active Iq Unified Manager, System Manager and 1 more 2024-11-21 6.5 Medium
lodash node module before 4.17.5 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via defaultsDeep, merge, and mergeWith functions, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects.