Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Lodash Improperly Controlled Modification of Object Prototype Attributes (Prototype Pollution) Vulnerability - CVE-2025-13465 - Vulnerability Database
Lodash

Lodash Improperly Controlled Modification of Object Prototype Attributes (Prototype Pollution) Vulnerability - CVE-2025-13465

Medium
Reference: CVE-2025-13465
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2025-13465
Title: Lodash Improperly Controlled Modification of Object Prototype Attributes (Prototype Pollution) Vulnerability
Overview:

Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unsetand _.omitfunctions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes. The issue permits deletion of properties but does not allow overwriting their original behavior. This issue is patched on 4.17.23