VYPR
Moderate severityNVD Advisory· Published Mar 16, 2020· Updated Aug 4, 2024

CVE-2020-7608

CVE-2020-7608

Description

yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "__proto__" payload.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
yargs-parsernpm
>= 6.0.0, < 13.1.213.1.2
yargs-parsernpm
>= 14.0.0, < 15.0.115.0.1
yargs-parsernpm
>= 16.0.0, < 18.1.118.1.1
yargs-parsernpm
< 5.0.15.0.1

Affected products

4

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.