Description
yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "__proto__" payload.
Remediation
References
https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381
Related Vulnerabilities
CVE-2023-1784 Vulnerability in maven package org.jeecgframework.boot:jeecg-boot-parent
CVE-2022-39202 Vulnerability in npm package matrix-appservice-irc
CVE-2023-26109 Vulnerability in npm package node-bluetooth-serial-port
CVE-2023-37960 Vulnerability in maven package io.jenkins.plugins:mathworks-polyspace
CVE-2021-46361 Vulnerability in maven package info.magnolia:magnolia-core