Updated nodejs-yargs-parser packages fix security vulnerability
Publication date: 02 Apr 2021Modification date: 02 Apr 2021
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-7608
Description
yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "__proto__" payload (CVE-2020-7608).
References
SRPMS
7/core
- nodejs-yargs-parser-10.0.0-3.1.mga7