Home

CVE-2020-7598

Description

minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a constructor or __proto__ payload.

Risk Information

Base Score
5.6
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score
Exploitation Probability
0.253

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in IBM Cognos Analytics 11.1Windows
Multiple Vulnerabilities are affected in IBM Cognos Analytics 11.2Windows
Multiple Vulnerabilities are affected in IBM Planning Analytics Local 2.0Windows
(RHSA-2020:2848) nodejs:10 security update nodejs-10.21.0-3.module+el8.2.0+7071+d2377ea3.x86_64.rpmLinux
(RHSA-2020:2848) nodejs:10 security update nodejs-debugsource-10.21.0-3.module+el8.2.0+7071+d2377ea3.x86_64.rpmLinux
(RHSA-2020:2848) nodejs:10 security update nodejs-devel-10.21.0-3.module+el8.2.0+7071+d2377ea3.x86_64.rpmLinux
(RHSA-2020:2848) nodejs:10 security update nodejs-docs-10.21.0-3.module+el8.2.0+7071+d2377ea3.noarch.rpmLinux
(RHSA-2020:2848) nodejs:10 security update nodejs-full-i18n-10.21.0-3.module+el8.2.0+7071+d2377ea3.x86_64.rpmLinux
(RHSA-2020:2848) nodejs:10 security update npm-6.14.4-1.10.21.0.3.module+el8.2.0+7071+d2377ea3.x86_64.rpmLinux
(RHSA-2020:2852) nodejs:12 security update nodejs-12.18.2-1.module+el8.2.0+7233+61d664c1.x86_64.rpmLinux
(RHSA-2020:2852) nodejs:12 security update nodejs-debugsource-12.18.2-1.module+el8.2.0+7233+61d664c1.x86_64.rpmLinux
(RHSA-2020:2852) nodejs:12 security update nodejs-devel-12.18.2-1.module+el8.2.0+7233+61d664c1.x86_64.rpmLinux
(RHSA-2020:2852) nodejs:12 security update nodejs-docs-12.18.2-1.module+el8.2.0+7233+61d664c1.noarch.rpmLinux
(RHSA-2020:2852) nodejs:12 security update nodejs-full-i18n-12.18.2-1.module+el8.2.0+7233+61d664c1.x86_64.rpmLinux
(RHSA-2020:2852) nodejs:12 security update npm-6.14.5-1.12.18.2.1.module+el8.2.0+7233+61d664c1.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234