Vulnerabilities (CVE)

Filtered by vendor Substack Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-44906 1 Substack 1 Minimist 2024-06-21 7.5 HIGH 9.8 CRITICAL
Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95).
CVE-2020-7598 2 Opensuse, Substack 2 Leap, Minimist 2024-02-04 6.8 MEDIUM 5.6 MEDIUM
minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "__proto__" payload.