Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:npm/lodash-template@1.0.0
purl pkg:npm/lodash-template@1.0.0
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-fhw1-4c1k-sfh3
Aliases:
CVE-2021-23337
GHSA-35jh-r3h4-6jhm
Command Injection in lodash `lodash` versions prior to 4.17.21 are vulnerable to Command Injection via the template function. There are no reported fixed by versions.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:22:15.341043+00:00 GitLab Importer Affected by VCID-fhw1-4c1k-sfh3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/lodash-template/CVE-2021-23337.yml 38.4.0
2026-04-16T01:44:02.929352+00:00 GHSA Importer Affected by VCID-fhw1-4c1k-sfh3 https://github.com/advisories/GHSA-35jh-r3h4-6jhm 38.4.0
2026-04-11T22:34:47.250138+00:00 GitLab Importer Affected by VCID-fhw1-4c1k-sfh3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/lodash-template/CVE-2021-23337.yml 38.3.0
2026-04-11T13:13:15.368181+00:00 GHSA Importer Affected by VCID-fhw1-4c1k-sfh3 https://github.com/advisories/GHSA-35jh-r3h4-6jhm 38.3.0
2026-04-02T22:45:54.984691+00:00 GitLab Importer Affected by VCID-fhw1-4c1k-sfh3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/lodash-template/CVE-2021-23337.yml 38.1.0
2026-04-02T14:04:39.331799+00:00 GHSA Importer Affected by VCID-fhw1-4c1k-sfh3 https://github.com/advisories/GHSA-35jh-r3h4-6jhm 38.1.0
2026-04-01T17:03:48.994201+00:00 GitLab Importer Affected by VCID-fhw1-4c1k-sfh3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/lodash-template/CVE-2021-23337.yml 38.0.0