Description
yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "__proto__" payload.
Remediation
References
https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381
Related Vulnerabilities
CVE-2018-0114 Vulnerability in npm package node-jose
CVE-2022-43431 Vulnerability in maven package com.compuware.jenkins:compuware-strobe-measurement
CVE-2018-3721 Vulnerability in maven package org.webjars.npm:lodash
CVE-2021-22134 Vulnerability in maven package org.elasticsearch:elasticsearch
CVE-2023-33546 Vulnerability in maven package org.codehaus.janino:janino-parent