Description
minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "__proto__" payload.
Remediation
References
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html
https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
Related Vulnerabilities
CVE-2022-44645 Vulnerability in maven package org.apache.linkis:linkis-metadata-query-service-jdbc
CVE-2020-28469 Vulnerability in maven package org.webjars.bowergithub.es128:glob-parent
CVE-2022-37866 Vulnerability in maven package org.apache.ivy:ivy
CVE-2022-31053 Vulnerability in maven package com.clever-cloud:biscuit-java
CVE-2022-37616 Vulnerability in maven package org.webjars.npm:xmldom__xmldom