Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:npm/minimist@1.1.2
purl pkg:npm/minimist@1.1.2
Next non-vulnerable version 1.2.6
Latest non-vulnerable version 1.2.6
Risk 4.5
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-bhnm-47u8-zfhr
Aliases:
CVE-2020-7598
GHSA-vh95-rmgr-6w4m
Prototype Pollution in minimist Affected versions of `minimist` are vulnerable to prototype pollution. Arguments are not properly sanitized, allowing an attacker to modify the prototype of `Object`, causing the addition or modification of an existing property that will exist on all objects. Parsing the argument `--__proto__.y=Polluted` adds a `y` property with value `Polluted` to all objects. The argument `--__proto__=Polluted` raises and uncaught error and crashes the application. This is exploitable if attackers have control over the arguments being passed to `minimist`. ## Recommendation Upgrade to versions 0.2.1, 1.2.3 or later.
1.2.2
Affected by 2 other vulnerabilities.
1.2.3
Affected by 1 other vulnerability.
VCID-turp-dju7-c7fx
Aliases:
CVE-2021-44906
GHSA-xvch-5gv4-984h
Prototype Pollution in minimist Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95).
1.2.6
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:43:02.366604+00:00 GitLab Importer Affected by VCID-turp-dju7-c7fx https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/minimist/CVE-2021-44906.yml 38.4.0
2026-04-16T21:01:23.584459+00:00 GitLab Importer Affected by VCID-bhnm-47u8-zfhr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/minimist/CVE-2020-7598.yml 38.4.0
2026-04-16T01:32:15.396548+00:00 GHSA Importer Affected by VCID-bhnm-47u8-zfhr https://github.com/advisories/GHSA-vh95-rmgr-6w4m 38.4.0
2026-04-11T22:58:35.148592+00:00 GitLab Importer Affected by VCID-turp-dju7-c7fx https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/minimist/CVE-2021-44906.yml 38.3.0
2026-04-11T22:12:42.490989+00:00 GitLab Importer Affected by VCID-bhnm-47u8-zfhr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/minimist/CVE-2020-7598.yml 38.3.0
2026-04-11T13:01:36.516707+00:00 GHSA Importer Affected by VCID-bhnm-47u8-zfhr https://github.com/advisories/GHSA-vh95-rmgr-6w4m 38.3.0
2026-04-02T23:07:22.872106+00:00 GitLab Importer Affected by VCID-turp-dju7-c7fx https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/minimist/CVE-2021-44906.yml 38.1.0
2026-04-02T22:25:06.925894+00:00 GitLab Importer Affected by VCID-bhnm-47u8-zfhr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/minimist/CVE-2020-7598.yml 38.1.0
2026-04-02T13:53:37.080981+00:00 GHSA Importer Affected by VCID-bhnm-47u8-zfhr https://github.com/advisories/GHSA-vh95-rmgr-6w4m 38.1.0
2026-04-01T17:26:41.923697+00:00 GitLab Importer Affected by VCID-turp-dju7-c7fx https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/minimist/CVE-2021-44906.yml 38.0.0
2026-04-01T16:43:02.062928+00:00 GitLab Importer Affected by VCID-bhnm-47u8-zfhr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/minimist/CVE-2020-7598.yml 38.0.0