Advisories » MGASA-2023-0035

Updated nodejs-minimist packages fix security vulnerability

Publication date: 07 Feb 2023
Modification date: 06 Feb 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-44906

Description

Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js,
function setKey() (lines 69-95). (CVE-2021-44906)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=31445
• https://access.redhat.com/errata/RHSA-2023:0321
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44906

SRPMS

8/core

• nodejs-minimist-1.2.7-1.mga8