Description
yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "__proto__" payload.
Remediation
References
https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381
Related Vulnerabilities
CVE-2023-40343 Vulnerability in maven package io.jenkins.plugins:tuleap-oauth
CVE-2020-21125 Vulnerability in maven package com.bstek.ureport:ureport2-console
CVE-2021-25949 Vulnerability in npm package set-getter
CVE-2023-33779 Vulnerability in maven package com.xuxueli:xxl-job
CVE-2021-33562 Vulnerability in maven package com.shopizer:shopizer