CVEs-PoC/2020/CVE-2020-7598.md

### [CVE-2020-7598](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7598)
![](https://img.shields.io/static/v1?label=Product&message=minimist&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Prototype%20Pollution&color=brighgreen)

### Description

minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "__proto__" payload.

### POC

#### Reference
- https://snyk.io/vuln/SNYK-JS-MINIMIST-559764

#### Github
- https://github.com/ForEvolve/git-extensions-for-vs-code
- https://github.com/HotDB-Community/HotDB-Engine
- https://github.com/Kirill89/Kirill89
- https://github.com/LucianoBestia/mem1_electron
- https://github.com/andisfar/LaunchQtCreator
- https://github.com/anthonykirby/lora-packet
- https://github.com/bestia-dev-archived/mem1_electron
- https://github.com/bestia-dev/mem1_electron
- https://github.com/brianmcfadden/railsindex
- https://github.com/lirantal/pp-minimist-poc
- https://github.com/nevermoe/CVE-2021-44906
- https://github.com/rpl/flow-coverage-report
- https://github.com/seal-community/patches