CVE-2021-23337

Command Injection in lodash

Description

lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

Patch Available

Fix available through Seal Security.  
No upgrade required, protect your application instantly.

Fix without upgrading

Score

Severity

Ecosystem

JavaScript

Publish Date

May 6, 2021

Modified Date

August 12, 2025

Score Vector

Affected Versions