MGASA-2021-0170 - Updated nodejs-yargs-parser packages fix security vulnerability

Publication date: 02 Apr 2021
URL: https://advisories.mageia.org/MGASA-2021-0170.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-7608

yargs-parser could be tricked into adding or modifying properties of
Object.prototype using a "__proto__" payload (CVE-2020-7608).

References:
- https://bugs.mageia.org/show_bug.cgi?id=27975
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7608

SRPMS:
- 7/core/nodejs-yargs-parser-10.0.0-3.1.mga7