{"source":1113950,"name":"underscore","dependency":"underscore","title":"Underscore has unlimited recursion in _.flatten and _.isEqual, potential for DoS attack","url":"https://github.com/advisories/GHSA-qpx9-hpmf-5gmw","severity":"high","versions":["1.0.3","1.0.4","1.1.0","1.1.1","1.1.2","1.1.3","1.1.4","1.1.5","1.1.6","1.1.7","1.2.0","1.2.1","1.2.2","1.2.3","1.2.4","1.3.0","1.3.1","1.3.2","1.3.3","1.4.0","1.4.1","1.4.2","1.4.3","1.4.4","1.5.0","1.5.1","1.5.2","1.6.0","1.7.0","1.8.0","1.8.1","1.8.2","1.8.3","1.9.0","1.9.1","1.9.2","1.10.0","1.10.1","1.10.2","1.11.0","1.12.0","1.12.1","1.13.0-0","1.13.0-1","1.13.0-2","1.13.0-3","1.13.0","1.13.1","1.13.2","1.13.3","1.13.4","1.13.5","1.13.6","1.13.7","1.13.8"],"vulnerableVersions":["1.0.3","1.0.4","1.1.0","1.1.1","1.1.2","1.1.3","1.1.4","1.1.5","1.1.6","1.1.7","1.2.0","1.2.1","1.2.2","1.2.3","1.2.4","1.3.0","1.3.1","1.3.2","1.3.3","1.4.0","1.4.1","1.4.2","1.4.3","1.4.4","1.5.0","1.5.1","1.5.2","1.6.0","1.7.0","1.8.0","1.8.1","1.8.2","1.8.3","1.9.0","1.9.1","1.9.2","1.10.0","1.10.1","1.10.2","1.11.0","1.12.0","1.12.1","1.13.0-0","1.13.0-1","1.13.0-2","1.13.0-3","1.13.0","1.13.1","1.13.2","1.13.3","1.13.4","1.13.5","1.13.6","1.13.7"],"cwe":["CWE-674","CWE-770"],"cvss":{"score":0,"vectorString":null},"range":"<=1.13.7","id":"yWzlfSKcI+GhE5P7/Umi/YOfMoLbE1sZdNlzIoh93c2Yz24MhbRhrmsnFH+MjEUgR1rWKE+ZNBZHyM4OXs4zZA=="}