Description
yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "__proto__" payload.
Remediation
References
https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381
Related Vulnerabilities
CVE-2023-26118 Vulnerability in npm package angular
CVE-2022-2048 Vulnerability in maven package org.eclipse.jetty.http2:http2-server
CVE-2022-28220 Vulnerability in maven package org.apache.james:james-server-protocols-managesieve
CVE-2023-37908 Vulnerability in maven package org.xwiki.rendering:xwiki-rendering-xml
CVE-2022-28157 Vulnerability in maven package com.surenpi.jenkins:phoenix-autotest