Description
yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "__proto__" payload.
Remediation
References
https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381
Related Vulnerabilities
CVE-2022-1233 Vulnerability in maven package org.webjars.bower:urijs
CVE-2016-10707 Vulnerability in npm package jquery
CVE-2020-7634 Vulnerability in npm package heroku-addonpool
CVE-2019-18799 Vulnerability in npm package node-sass
CVE-2022-23457 Vulnerability in maven package org.owasp.esapi:esapi