[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-7608":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":93,"aliases":103,"duplicate_of":9,"upstream":105,"downstream":106,"duplicates":121,"related":122,"reserved_at":9,"published_at":124,"modified_at":125,"state":126,"summary":127,"references_raw":135,"kevs":168,"epss":169,"epss_history":172,"metrics":440,"affected":452},"CVE-2020-7608","yargs-parser could be tricked into adding or modifying properties of Object.prototype using a \"__proto__\" payload.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-1321","Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')","The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.","weakness","Incomplete","Variant",[19,67,89],{"id":20,"name":21,"techniques":22},"CAPEC-1","Accessing Functionality Not Properly Constrained by ACLs",[23],{"id":24,"name":25,"tactics":26,"countermeasures":42},"T1574.010","Services File Permissions Weakness",[27,30,33,36,39],{"id":28,"name":29},"TA0110","Persistence",{"id":31,"name":32},"TA0111","Privilege Escalation",{"id":34,"name":35},"TA0030","Defense Evasion",{"id":37,"name":38},"TA0005","Stealth",{"id":40,"name":41},"TA0104","Execution",[43,48,52,57,62],{"id":44,"name":45,"tactic":46},"D3-SWI","Software Inventory",{"name":47},"Model",{"id":49,"name":50,"tactic":51},"D3-AVE","Asset Vulnerability Enumeration",{"name":47},{"id":53,"name":54,"tactic":55},"D3-SBV","Service Binary Verification",{"name":56},"Detect",{"id":58,"name":59,"tactic":60},"D3-SU","Software Update",{"name":61},"Harden",{"id":63,"name":64,"tactic":65},"D3-RS","Restore Software",{"name":66},"Restore",{"id":68,"name":69,"techniques":70},"CAPEC-180","Exploiting Incorrectly Configured Access Control Security Levels",[71],{"id":24,"name":25,"tactics":72,"countermeasures":78},[73,74,75,76,77],{"id":28,"name":29},{"id":31,"name":32},{"id":34,"name":35},{"id":37,"name":38},{"id":40,"name":41},[79,81,83,85,87],{"id":44,"name":45,"tactic":80},{"name":47},{"id":49,"name":50,"tactic":82},{"name":47},{"id":53,"name":54,"tactic":84},{"name":56},{"id":58,"name":59,"tactic":86},{"name":61},{"id":63,"name":64,"tactic":88},{"name":66},{"id":90,"name":91,"techniques":92},"CAPEC-77","Manipulating User-Controlled Variables",[],[94],{"_key":95,"name":96,"source":97,"url":98,"maturity":99,"reliability_score":100,"verified":101,"type":9,"platforms":102,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_C79C597017837EE7","Exploit Reference (snyk.io)","reference","https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381","unknown",0.2,false,[],[104],"GHSA-p9pc-299p-vxgp",[],[107,109,111,113,115,117,119],{"_key":108},"UBUNTU-CVE-2020-7608",{"_key":110},"MGASA-2021-0170",{"_key":112},"DEBIAN-CVE-2020-7608",{"_key":114},"RHSA-2020:5305",{"_key":116},"RHSA-2020:5499",{"_key":118},"RHSA-2021:0521",{"_key":120},"RHSA-2021:0548",[],[123],{"_key":110},"2020-03-16T19:49:49.000Z","2024-08-04T09:33:19.972Z","Modified",{"cisa_kev":101,"cisa_ransomware":101,"cisa_vendor":9,"epss_severity":128,"epss_score":129,"severity":130,"severity_score":131,"severity_version":132,"severity_source":133,"severity_vector":134,"severity_status":126},"low",0.00126,"medium",5.3,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",[136,146,151,155,159,164],{"url":98,"sources":137,"tags":140},[138,133,139],"cve.org","osv_npm",[141,142,143,144,145],"X Refsource MISC","Exploit","Patch","Third Party Advisory","WEB",{"url":147,"sources":148,"tags":149},"https://nvd.nist.gov/vuln/detail/CVE-2020-7608",[139],[150],"Advisory",{"url":152,"sources":153,"tags":154},"https://github.com/yargs/yargs-parser/commit/1c417bd0b42b09c475ee881e36d292af4fa2cc36",[139],[145],{"url":156,"sources":157,"tags":158},"https://github.com/yargs/yargs-parser/commit/63810ca1ae1a24b08293a4d971e70e058c7a41e2",[139],[145],{"url":160,"sources":161,"tags":162},"https://github.com/yargs/yargs-parser",[139],[163],"PACKAGE",{"url":165,"sources":166,"tags":167},"https://www.npmjs.com/advisories/1500",[139],[145],[],{"date":170,"score":129,"percentile":171},"2026-06-04",0.31452,[173,177,180,183,186,189,192,195,198,201,204,207,210,213,216,220,223,226,229,232,235,238,241,244,247,250,253,256,260,263,266,269,271,273,276,278,281,284,287,290,293,296,299,302,305,308,311,314,317,320,323,326,329,331,334,336,339,341,344,347,350,353,356,359,361,364,367,370,372,375,378,382,385,388,391,394,397,400,403,406,409,412,415,418,421,424,427,430,433,436],{"date":174,"score":175,"percentile":176},"2025-11-04",0.0011,0.30098,{"date":178,"score":175,"percentile":179},"2025-11-05",0.30073,{"date":181,"score":175,"percentile":182},"2025-11-06",0.30086,{"date":184,"score":175,"percentile":185},"2025-11-07",0.30092,{"date":187,"score":175,"percentile":188},"2025-11-08",0.30096,{"date":190,"score":175,"percentile":191},"2025-11-09",0.30075,{"date":193,"score":175,"percentile":194},"2025-11-10",0.30053,{"date":196,"score":175,"percentile":197},"2025-11-11",0.30072,{"date":199,"score":175,"percentile":200},"2025-11-12",0.30115,{"date":202,"score":175,"percentile":203},"2025-11-13",0.30132,{"date":205,"score":175,"percentile":206},"2025-11-14",0.30129,{"date":208,"score":175,"percentile":209},"2025-11-15",0.30126,{"date":211,"score":175,"percentile":212},"2025-11-16",0.30099,{"date":214,"score":175,"percentile":215},"2025-11-17",0.30078,{"date":217,"score":218,"percentile":219},"2025-11-18",0.00062,0.14902,{"date":221,"score":218,"percentile":222},"2025-11-19",0.14918,{"date":224,"score":218,"percentile":225},"2025-11-20",0.1493,{"date":227,"score":175,"percentile":228},"2025-11-21",0.30116,{"date":230,"score":175,"percentile":231},"2025-11-22",0.30123,{"date":233,"score":175,"percentile":234},"2025-11-23",0.3009,{"date":236,"score":175,"percentile":237},"2025-11-24",0.30068,{"date":239,"score":175,"percentile":240},"2025-11-25",0.30064,{"date":242,"score":175,"percentile":243},"2025-11-26",0.30062,{"date":245,"score":175,"percentile":246},"2025-11-27",0.30076,{"date":248,"score":175,"percentile":249},"2025-11-28",0.30054,{"date":251,"score":175,"percentile":252},"2025-11-29",0.30043,{"date":254,"score":175,"percentile":255},"2025-11-30",0.30019,{"date":257,"score":258,"percentile":259},"2025-12-01",0.00044,0.13323,{"date":261,"score":258,"percentile":262},"2025-12-02",0.13341,{"date":264,"score":258,"percentile":265},"2025-12-03",0.13363,{"date":267,"score":175,"percentile":268},"2025-12-04",0.30032,{"date":270,"score":175,"percentile":197},"2025-12-05",{"date":272,"score":175,"percentile":179},"2025-12-06",{"date":274,"score":175,"percentile":275},"2025-12-07",0.30048,{"date":277,"score":175,"percentile":249},"2025-12-08",{"date":279,"score":175,"percentile":280},"2025-12-09",0.30112,{"date":282,"score":175,"percentile":283},"2025-12-10",0.30176,{"date":285,"score":175,"percentile":286},"2025-12-11",0.30205,{"date":288,"score":175,"percentile":289},"2025-12-12",0.30227,{"date":291,"score":175,"percentile":292},"2025-12-13",0.30229,{"date":294,"score":175,"percentile":295},"2025-12-14",0.30204,{"date":297,"score":175,"percentile":298},"2025-12-15",0.30174,{"date":300,"score":175,"percentile":301},"2025-12-16",0.30191,{"date":303,"score":175,"percentile":304},"2025-12-17",0.30233,{"date":306,"score":175,"percentile":307},"2025-12-18",0.30283,{"date":309,"score":175,"percentile":310},"2025-12-19",0.30296,{"date":312,"score":175,"percentile":313},"2025-12-20",0.30274,{"date":315,"score":175,"percentile":316},"2025-12-21",0.30225,{"date":318,"score":175,"percentile":319},"2025-12-22",0.30183,{"date":321,"score":175,"percentile":322},"2025-12-23",0.30157,{"date":324,"score":175,"percentile":325},"2025-12-24",0.30164,{"date":327,"score":175,"percentile":328},"2025-12-25",0.30235,{"date":330,"score":175,"percentile":304},"2025-12-26",{"date":332,"score":175,"percentile":333},"2025-12-27",0.30236,{"date":335,"score":175,"percentile":322},"2025-12-28",{"date":337,"score":175,"percentile":338},"2025-12-29",0.3013,{"date":340,"score":175,"percentile":206},"2025-12-30",{"date":342,"score":175,"percentile":343},"2025-12-31",0.30181,{"date":345,"score":258,"percentile":346},"2026-01-01",0.1375,{"date":348,"score":258,"percentile":349},"2026-01-02",0.13738,{"date":351,"score":258,"percentile":352},"2026-01-03",0.13703,{"date":354,"score":175,"percentile":355},"2026-01-04",0.30154,{"date":357,"score":175,"percentile":358},"2026-01-05",0.30146,{"date":360,"score":175,"percentile":322},"2026-01-06",{"date":362,"score":175,"percentile":363},"2026-01-07",0.30187,{"date":365,"score":175,"percentile":366},"2026-01-08",0.30214,{"date":368,"score":175,"percentile":369},"2026-01-09",0.30209,{"date":371,"score":175,"percentile":295},"2026-01-10",{"date":373,"score":175,"percentile":374},"2026-01-11",0.30175,{"date":376,"score":175,"percentile":377},"2026-01-12",0.30117,{"date":379,"score":380,"percentile":381},"2026-01-13",0.00109,0.29839,{"date":383,"score":380,"percentile":384},"2026-01-14",0.29885,{"date":386,"score":380,"percentile":387},"2026-01-15",0.29882,{"date":389,"score":380,"percentile":390},"2026-01-16",0.29911,{"date":392,"score":380,"percentile":393},"2026-01-17",0.29902,{"date":395,"score":380,"percentile":396},"2026-01-18",0.29846,{"date":398,"score":380,"percentile":399},"2026-01-19",0.29813,{"date":401,"score":380,"percentile":402},"2026-01-20",0.29798,{"date":404,"score":380,"percentile":405},"2026-01-21",0.29747,{"date":407,"score":380,"percentile":408},"2026-01-22",0.2972,{"date":410,"score":380,"percentile":411},"2026-01-23",0.29788,{"date":413,"score":129,"percentile":414},"2026-01-24",0.32577,{"date":416,"score":129,"percentile":417},"2026-01-25",0.32507,{"date":419,"score":129,"percentile":420},"2026-01-26",0.32417,{"date":422,"score":129,"percentile":423},"2026-01-27",0.32405,{"date":425,"score":129,"percentile":426},"2026-01-28",0.32378,{"date":428,"score":129,"percentile":429},"2026-01-29",0.32337,{"date":431,"score":129,"percentile":432},"2026-01-30",0.32329,{"date":434,"score":129,"percentile":435},"2026-01-31",0.32339,{"date":437,"score":438,"percentile":439},"2026-02-01",0.00052,0.16154,[441,450],{"source":133,"cvss_v2_0":442,"cvss_v3_0":9,"cvss_v3_1":447,"cvss_v4_0":9},{"baseScore":443,"baseSeverity":9,"vectorString":444,"impactScore":445,"exploitabilityScore":446},4.6,"AV:L/AC:L/Au:N/C:P/I:P/A:P",6.4,3.9,{"baseScore":131,"baseSeverity":448,"vectorString":134,"impactScore":449,"exploitabilityScore":443},"MEDIUM",5.7,{"source":139,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":451,"cvss_v4_0":9},{"baseScore":131,"baseSeverity":9,"vectorString":134,"impactScore":449,"exploitabilityScore":443},[453,477],{"ecosystem":454,"name":455,"vendor":454,"product":455,"cpe_part":9,"purl_type":456,"purl_namespace":9,"purl_name":455,"source":9,"versions":457},"Npm","yargs-parser","npm",[458,466,470,474],{"version":459,"is_range":460,"range_type":461,"version_start":462,"version_start_type":463,"version_end":464,"version_end_type":465,"fixed_in":9},"gte6_0_0_lt13_1_2",true,"semver","6.0.0","including","13.1.2","excluding",{"version":467,"is_range":460,"range_type":461,"version_start":468,"version_start_type":463,"version_end":469,"version_end_type":465,"fixed_in":9},"gte14_0_0_lt15_0_1","14.0.0","15.0.1",{"version":471,"is_range":460,"range_type":461,"version_start":472,"version_start_type":463,"version_end":473,"version_end_type":465,"fixed_in":9},"gte16_0_0_lt18_1_1","16.0.0","18.1.1",{"version":475,"is_range":460,"range_type":461,"version_start":9,"version_start_type":9,"version_end":476,"version_end_type":465,"fixed_in":9},"lt5_0_1","5.0.1",{"ecosystem":9,"name":455,"vendor":478,"product":455,"cpe_part":479,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":480},"yargs","a",[481,484,486,488],{"version":482,"is_range":460,"range_type":483,"version_start":9,"version_start_type":9,"version_end":476,"version_end_type":465,"fixed_in":9},"lt5.0.1","cpe",{"version":485,"is_range":460,"range_type":483,"version_start":462,"version_start_type":463,"version_end":464,"version_end_type":465,"fixed_in":9},"gte6.0.0_lt13.1.2",{"version":487,"is_range":460,"range_type":483,"version_start":468,"version_start_type":463,"version_end":469,"version_end_type":465,"fixed_in":9},"gte14.0.0_lt15.0.1",{"version":489,"is_range":460,"range_type":483,"version_start":472,"version_start_type":463,"version_end":473,"version_end_type":465,"fixed_in":9},"gte16.0.0_lt18.1.1"]