Description
yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "__proto__" payload.
Remediation
References
https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381
Related Vulnerabilities
CVE-2023-32695 Vulnerability in npm package socket.io-parser
CVE-2017-11341 Vulnerability in maven package org.webjars.npm:node-sass
CVE-2020-7716 Vulnerability in npm package deeps
CVE-2020-7739 Vulnerability in npm package phantomjs-seo
CVE-2023-38889 Vulnerability in maven package org.alluxio:alluxio-core