Description
minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "__proto__" payload.
Remediation
References
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html
https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
Related Vulnerabilities
CVE-2019-10362 Vulnerability in maven package io.jenkins:configuration-as-code
CVE-2019-10756 Vulnerability in npm package node-red-dashboard
CVE-2021-43570 Vulnerability in maven package com.starkbank.ellipticcurve:starkbank-ecdsa
CVE-2019-1003069 Vulnerability in maven package org.jenkins-ci.plugins:aqua-security-scanner
CVE-2020-2113 Vulnerability in maven package org.jenkins-ci.tools:git-parameter