Skip to content

yargs-parser vulnerability #2559

Description

@nessor
  • Node Version: 12.16.1

  • NPM Version: 6.13.4

  • OS: Ubuntu 19.10

  • This is a bug

  • This is a modification request

Hey guys,

npm is reporting a Prototype Pollution vulnerability on the yargs-parser dependency

Low Prototype Pollution
Package yargs-parser
Patched in >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2
Dependency of webpack-dev-server [dev]
Path webpack-dev-server > yargs > yargs-parser
More info https://npmjs.com/advisories/1500

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions