Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95).
References
Link | Resource |
---|---|
https://github.com/Marynk/JavaScript-vulnerability-detection/blob/main/minimist%20PoC.zip | Exploit Third Party Advisory |
https://github.com/substack/minimist/blob/master/index.js#L69 | Exploit Third Party Advisory |
https://github.com/substack/minimist/issues/164 | Exploit Issue Tracking Patch Third Party Advisory |
https://security.netapp.com/advisory/ntap-20240621-0006/ | |
https://snyk.io/vuln/SNYK-JS-MINIMIST-559764 | Exploit Not Applicable Patch Third Party Advisory |
https://stackoverflow.com/questions/8588563/adding-custom-properties-to-a-function/20278068#20278068 | Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-03-17T13:05:57
Updated: 2024-06-21T19:07:14.002611
Reserved: 2021-12-13T00:00:00
Link: CVE-2021-44906
JSON object: View
NVD Information
Status : Modified
Published: 2022-03-17T16:15:07.510
Modified: 2024-06-21T19:15:20.917
Link: CVE-2021-44906
JSON object: View
Redhat Information
No data.
CWE