@aaronuu/react-forms (>=0.0.1 <=0.2.2), @actra-development-oss/redux-persist-transform-filter-immutable (>=0.1.1 <=1.0.0) +773 more potentially affected by CVE-2025-13465 via lodash.unset (>=4.0.2 <=4.5.2)

lodash.unset NPM version =4.0.2, =0.0.1, =0.1.1, =0.1.0, =0.0.1, =1.1.0, =0.0.4, =1.8.28, =1.1.0, =0.1.2, =0.0.1, =0.1.0, =0.0.1, =2.1.1 and more Source cves: CVE-2025-13465 Source advisory: SNYK:JS-LODASHUNSET-15053837...

@aaronuu/react-forms (>=0.0.1 <=0.2.2), @actra-development-oss/redux-persist-transform-filter-immutable (>=0.1.1 <=1.0.0) +773 more potentially affected by CVE-2025-13465 via lodash.unset (>=4.0.2 <=4.5.2)

lodash.unset NPM version =4.0.2, =0.0.1, =0.1.1, =0.1.0, =0.0.1, =1.1.0, =0.0.4, =1.8.28, =1.1.0, =0.1.2, =0.0.1, =0.1.0, =0.0.1, =2.1.1 and more Source cves: CVE-2025-13465 Source advisory: OSV:GHSA-XXJR-MMJV-4GPG...

CVE-2025-13465 Prototype Pollution Vulnerability in Lodash _.unset and _.omit functions

Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the .unset and .omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes. The issue permits deletion of properties but does not allow overwriting their original...

lodash security vulnerabilities

lodash is an open-source JavaScript utility library developed by Lodash Utilities. Lodash versions 4.17.22 and earlier contained security vulnerabilities. These vulnerabilities stemmed from prototype pollution in the .unset and .omit functions, which could allow attackers to delete global...

papooCMS.txt

It makes use of the unset vulnerability, cms can be found at papoo.de !/usr/bin/perl require LWP::UserAgent; print "PAPOO CMS REMOTE FILE INCLUSION VULNERABILITY \n"; print "Exploit & vulnerability by Ironfist\n"; print " http://iron.gimyweb.de \n"; print "Host?"; $host = ; chomp $host; print "Pa...