CVEFinder.io

CVE-2021-23337

⚠️ high
🔍 Scan for this CVE
Summary

Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

CVSS Score
7.2
High
EPSS Score
0.7
Exploit Probability
Published Date
2021-02-15
First Seen: 2026-01-05
📊 Relative Risk Intelligence

This CVE is Moderate Risk - more severe than 55.4% of all 335,187 vulnerabilities in our database.

#149,529
Above average severity
Severity Percentile
Last Modified 2024-11-21
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE IDs (Weakness Types)

📦 Affected Products 45

🔗 References 13

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-46878 ⛔ critical 9.8 0.5 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure S... 2026-06-17
CVE-2026-46879 ⛔ critical 9.8 0.5 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure S... 2026-06-17
CVE-2026-46880 ⛔ critical 9.8 0.5 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure S... 2026-06-17
CVE-2026-46881 ⛔ critical 9.8 0.5 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure S... 2026-06-17
CVE-2026-46882 ⛔ critical 9.8 0.5 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure S... 2026-06-17
CVE-2026-46883 ⛔ critical 9.8 0.5 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure S... 2026-06-17
These CVEs affect the same products