MGASA-2023-0035

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2021-44906

Published: 07 Feb 2023, 00:06

Last modified:16 Apr 2026, 04:22

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

07 Feb 2023, 00:06

Published

Vulnerability first disclosed

16 Apr 2026, 04:22

Last Modified

Vulnerability information updated

Description

Updated nodejs-minimist packages fix security vulnerability Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95). (CVE-2021-44906)

Affected Systems

mageia•nodejs-minimist
< 1.2.7-1.mga8

References (3)

https://advisories.mageia.org/MGASA-2023-0035.html
https://bugs.mageia.org/show_bug.cgi?id=31445
https://access.redhat.com/errata/RHSA-2023:0321