Advisories ยป MGASA-2021-0170

Updated nodejs-yargs-parser packages fix security vulnerability

Publication date: 02 Apr 2021
Modification date: 02 Apr 2021
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-7608

Description

yargs-parser could be tricked into adding or modifying properties of
Object.prototype using a "__proto__" payload (CVE-2020-7608).
                

References

SRPMS

7/core