Debian Node-Minimist vulnerabilities
2 known vulnerabilities affecting debian/node-minimist.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2021-44906CRITICALCVSS 9.8fixed in node-minimist 1.2.6+~cs5.3.2-1 (bookworm)2021
CVE-2021-44906 [CRITICAL] CVE-2021-44906: node-minimist - Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, functio...
Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95).
Scope: local
bookworm: resolved (fixed in 1.2.6+~cs5.3.2-1)
bullseye: resolved (fixed in 1.2.5+~cs5.3.1-2+deb11u1)
forky: resolved (fixed in 1.2.6+~cs5.3.2-1)
sid: resolved (fixed in 1.2.6+~cs5.3.2-1)
trixie: resolved (fixed in 1.2.6+~cs5.3.2-1)
debian
CVE-2020-7598MEDIUMCVSS 5.6fixed in node-minimist 1.2.5-1 (bookworm)2020
CVE-2020-7598 [MEDIUM] CVE-2020-7598: node-minimist - minimist before 1.2.2 could be tricked into adding or modifying properties of Ob...
minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "__proto__" payload.
Scope: local
bookworm: resolved (fixed in 1.2.5-1)
bullseye: resolved (fixed in 1.2.5-1)
forky: resolved (fixed in 1.2.5-1)
sid: resolved (fixed in 1.2.5-1)
trixie: resolved (fixed in 1.2.5-1)
debian