CVE-2021-44906 @ Npm-minimist-0.0.8 #465

RobertMickleCx · 2023-03-10T18:41:41Z

Vulnerable Package issue exists @ Npm-minimist-0.0.8 in branch master

Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95).

Namespace: RobertMickleCx
Repository: NodeGoat
Repository Url: https://github.com/RobertMickleCx/NodeGoat
CxAST-Project: RobertMickleCx/NodeGoat
CxAST platform scan: 3f4864fd-127b-412c-8cca-4b4873ce2f29
Branch: master
Application: NodeGoat
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-1321

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: HIGH
Remediation Upgrade Recommendation: 1.2.6

References
Advisory
Issue
Pull request
Commit
Vulnerable code

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2021-44906 @ Npm-minimist-0.0.8 #465

CVE-2021-44906 @ Npm-minimist-0.0.8 #465

RobertMickleCx commented Mar 10, 2023

CVE-2021-44906 @ Npm-minimist-0.0.8 #465

CVE-2021-44906 @ Npm-minimist-0.0.8 #465

Comments

RobertMickleCx commented Mar 10, 2023