Vulnerability	Vulnerable Version
M Prototype Pollution org.webjars.npm:yargs-parser is a mighty option parser used by yargs. Affected versions of this package are vulnerable to Prototype Pollution. The library could be tricked into adding or modifying properties of `Object.prototype` using a `__proto__` payload. Our research team checked several attack vectors to verify this vulnerability: It could be used for privilege escalation. The library could be used to parse user input received from different sources: terminal emulators system calls from other code bases CLI RPC servers How to fix Prototype Pollution? Upgrade `org.webjars.npm:yargs-parser` to version 5.0.1, 13.1.2, 15.0.1, 18.1.3 or higher.	[0,5.0.1)[7.0.0,13.1.2)[15.0.0,15.0.1)[16.1.0,18.1.3)

Prototype Pollution

org.webjars.npm:yargs-parser is a mighty option parser used by yargs.

Affected versions of this package are vulnerable to Prototype Pollution. The library could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.

Our research team checked several attack vectors to verify this vulnerability:

It could be used for privilege escalation.
The library could be used to parse user input received from different sources:
- terminal emulators
- system calls from other code bases
- CLI RPC servers

How to fix Prototype Pollution?

Upgrade org.webjars.npm:yargs-parser to version 5.0.1, 13.1.2, 15.0.1, 18.1.3 or higher.

[0,5.0.1)[7.0.0,13.1.2)[15.0.0,15.0.1)[16.1.0,18.1.3)

Go back to all versions of this package