Skip to main content

Lodahs

1 CVEs product

Monthly

CVE-2019-19771 npm HIGH MAL This Week

The lodahs package 0.0.1 for Node.js is a Trojan horse, and may have been installed by persons who mistyped the lodash package name. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Node.js Information Disclosure Lodahs
NVD
CVSS 3.1
8.8
EPSS
1.3%
EPSS 1% CVSS 8.8
HIGH This Week

The lodahs package 0.0.1 for Node.js is a Trojan horse, and may have been installed by persons who mistyped the lodash package name. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Node.js Information Disclosure Lodahs
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy