Vulnerability	Vulnerable Version
L Prototype Pollution minimist is a parse argument options module. Affected versions of this package are vulnerable to Prototype Pollution due to a missing handler to `Function.prototype`. Notes: This vulnerability is a bypass to CVE-2020-7598 The reason for the different CVSS between CVE-2021-44906 to CVE-2020-7598, is that CVE-2020-7598 can pollute objects, while CVE-2021-44906 can pollute only function. How to fix Prototype Pollution? Upgrade `minimist` to version 0.2.4, 1.2.6 or higher.	<0.2.4>=1.2.0 <1.2.6
M Prototype Pollution minimist is a parse argument options module. Affected versions of this package are vulnerable to Prototype Pollution. The library could be tricked into adding or modifying properties of `Object.prototype` using a `constructor` or `__proto__` payload. How to fix Prototype Pollution? Upgrade `minimist` to version 0.2.1, 1.2.3 or higher.	<0.2.1>=1.0.0 <1.2.3

Prototype Pollution

minimist is a parse argument options module.

Affected versions of this package are vulnerable to Prototype Pollution due to a missing handler to Function.prototype.

Notes:

This vulnerability is a bypass to CVE-2020-7598
The reason for the different CVSS between CVE-2021-44906 to CVE-2020-7598, is that CVE-2020-7598 can pollute objects, while CVE-2021-44906 can pollute only function.

How to fix Prototype Pollution?

Upgrade minimist to version 0.2.4, 1.2.6 or higher.

<0.2.4>=1.2.0 <1.2.6

Prototype Pollution

minimist is a parse argument options module.

Affected versions of this package are vulnerable to Prototype Pollution. The library could be tricked into adding or modifying properties of Object.prototype using a constructor or __proto__ payload.

How to fix Prototype Pollution?

Upgrade minimist to version 0.2.1, 1.2.3 or higher.

<0.2.1>=1.0.0 <1.2.3

Go back to all versions of this package