CVE-2021-44906 @ Npm-minimist-1.2.5 #13
Description
Vulnerable Package issue exists @ Npm-minimist-1.2.5 in branch main
Minimist through 1.2.5 is vulnerable to Prototype Pollution via file "index.js", function "setKey()" (lines 69-95).
Namespace: yangricardo
Repository: nextjs-tailwind-reacthook-form-ant-design-template
Repository Url: https://github.com/yangricardo/nextjs-tailwind-reacthook-form-ant-design-template
CxAST-Project: yangricardo/nextjs-tailwind-reacthook-form-ant-design-template
CxAST platform scan: 1c12eb90-4f8a-4eb7-a810-acf7fa5369de
Branch: main
Application: nextjs-tailwind-reacthook-form-ant-design-template
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-1321
Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: HIGH
Remediation Upgrade Recommendation: 1.2.6
References
Advisory
Release Note
Commit