Description
minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "__proto__" payload.
Remediation
References
https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html
Related Vulnerabilities
CVE-2020-13933 Vulnerability in maven package org.apache.shiro:shiro-web
CVE-2021-41249 Vulnerability in npm package graphql-playground-react
CVE-2015-2080 Vulnerability in maven package org.eclipse.jetty:jetty-http
CVE-2017-16208 Vulnerability in npm package dmmcquay.lab6
CVE-2020-7691 Vulnerability in maven package org.webjars.bower:jspdf