{"id":"CVE-2020-7598","details":"minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a \"constructor\" or \"__proto__\" payload.","aliases":["GHSA-vh95-rmgr-6w4m"],"modified":"2026-03-13T22:14:04.796256Z","published":"2020-03-11T23:15:11.917Z","related":["ALSA-2020:2848","ALSA-2020:2852","SNYK-JS-MINIMIST-559764","SUSE-RU-2020:1238-1","SUSE-SU-2020:1568-1","SUSE-SU-2020:1575-1","SUSE-SU-2020:1576-1","SUSE-SU-2020:1606-1","SUSE-SU-2020:1623-1","SUSE-SU-2020:2800-1","openSUSE-SU-2020:0802-1"],"references":[{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html"},{"type":"FIX","url":"https://snyk.io/vuln/SNYK-JS-MINIMIST-559764"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-7598.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"1.2.2"}]},{"events":[{"introduced":"0"},{"last_affected":"15.1"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}]}