Predicate LoopBoundInjection :: loopableLodashMethod
Holds if name is a method from lodash vulnerable to a DoS attack if called with a tainted object.
Import path
import semmle.javascript.security.dataflow.LoopBoundInjectionCustomizations
predicate
loopableLodashMethod
(
string
name
)