mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-25 00:14:09 +02:00
0xMarcio
1.0 KiB
1.0 KiB
CVE-2020-7608
Description
yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "proto" payload.
POC
Reference
Github
- https://github.com/Kirill89/Kirill89
- https://github.com/Live-Hack-CVE/CVE-2020-7608
- https://github.com/MaySoMusician/geidai-ikoi
- https://github.com/arsalan-learn/pnpm_test
- https://github.com/rahg0/vuln-node-app
- https://github.com/rahg0/vuln-node-app-pnpm
- https://github.com/rahg0/vuln-node-app-yarn
- https://github.com/seal-community/patches
- https://github.com/wils0n/sca-lab