CVE-2020-28500
EUVD-2022-042415.02.2021, 11:15
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| lodash | lodash | 𝑥 < 4.17.21 |
| oracle | banking_corporate_lending_process_management | 14.2.0 |
| oracle | banking_corporate_lending_process_management | 14.3.0 |
| oracle | banking_corporate_lending_process_management | 14.5.0 |
| oracle | banking_credit_facilities_process_management | 14.2.0 |
| oracle | banking_credit_facilities_process_management | 14.3.0 |
| oracle | banking_credit_facilities_process_management | 14.5.0 |
| oracle | banking_extensibility_workbench | 14.2.0 |
| oracle | banking_extensibility_workbench | 14.3.0 |
| oracle | banking_extensibility_workbench | 14.5.0 |
| oracle | banking_supply_chain_finance | 14.2.0 |
| oracle | banking_supply_chain_finance | 14.3.0 |
| oracle | banking_supply_chain_finance | 14.5.0 |
| oracle | banking_trade_finance_process_management | 14.2.0 |
| oracle | banking_trade_finance_process_management | 14.3.0 |
| oracle | banking_trade_finance_process_management | 14.5.0 |
| oracle | communications_cloud_native_core_policy | 1.11.0 |
| oracle | communications_design_studio | 7.4.2 |
| oracle | communications_services_gatekeeper | 7.0 |
| oracle | communications_session_border_controller | 8.4 |
| oracle | communications_session_border_controller | 9.0 |
| oracle | enterprise_communications_broker | 3.2.0 |
| oracle | enterprise_communications_broker | 3.3.0 |
| oracle | financial_services_crime_and_compliance_management_studio | 8.0.8.2.0 |
| oracle | financial_services_crime_and_compliance_management_studio | 8.0.8.3.0 |
| oracle | health_sciences_data_management_workbench | 2.5.2.1 |
| oracle | health_sciences_data_management_workbench | 3.0.0.0 |
| oracle | jd_edwards_enterpriseone_tools | 𝑥 < 9.2.6.1 |
| oracle | peoplesoft_enterprise_peopletools | 8.58 |
| oracle | peoplesoft_enterprise_peopletools | 8.59 |
| oracle | primavera_gateway | 17.12.0 ≤ 𝑥 ≤ 17.12.11 |
| oracle | primavera_gateway | 18.8.0 ≤ 𝑥 ≤ 18.8.12 |
| oracle | primavera_gateway | 19.12.0 ≤ 𝑥 ≤ 19.12.11 |
| oracle | primavera_gateway | 20.12.0 ≤ 𝑥 ≤ 20.12.7 |
| oracle | primavera_unifier | 17.7 ≤ 𝑥 ≤ 17.12 |
| oracle | primavera_unifier | 18.8 |
| oracle | primavera_unifier | 19.12 |
| oracle | primavera_unifier | 20.12 |
| oracle | retail_customer_management_and_segmentation_foundation | 19.0 |
| siemens | sinec_ins | 𝑥 < 1.0 |
| siemens | sinec_ins | 1.0 |
| siemens | sinec_ins | 1.0:sp1 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
References