Description
minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "__proto__" payload.
Remediation
References
https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html
Related Vulnerabilities
CVE-2023-26115 Vulnerability in npm package word-wrap
CVE-2021-25943 Vulnerability in npm package 101
CVE-2022-25897 Vulnerability in maven package org.eclipse.milo:sdk-server
CVE-2023-45135 Vulnerability in maven package org.xwiki.platform:xwiki-platform-web-templates
CVE-2011-4969 Vulnerability in maven package org.webjars.bower:jquery