Vulnerability details: VCID-utt4-1yh8-aaad
Vulnerability ID VCID-utt4-1yh8-aaad
Aliases CVE-2020-7598
GHSA-vh95-rmgr-6w4m
Summary Improper Input Validation: minimist could be tricked into adding or modifying properties of `Object.prototype` using a `constructor` or `__proto__` payload.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
System Score Found at
cvssv3.1 5.6 http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html
generic_textual MODERATE http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-7598.html
rhas Moderate https://access.redhat.com/errata/RHSA-2020:2362
rhas Important https://access.redhat.com/errata/RHSA-2020:2847
rhas Important https://access.redhat.com/errata/RHSA-2020:2848
rhas Important https://access.redhat.com/errata/RHSA-2020:2849
rhas Important https://access.redhat.com/errata/RHSA-2020:2852
rhas Important https://access.redhat.com/errata/RHSA-2020:2895
rhas Moderate https://access.redhat.com/errata/RHSA-2020:2992
rhas Important https://access.redhat.com/errata/RHSA-2020:3042
rhas Important https://access.redhat.com/errata/RHSA-2020:3084
rhas Important https://access.redhat.com/errata/RHSA-2020:3247
rhas Moderate https://access.redhat.com/errata/RHSA-2020:4298
rhas Moderate https://access.redhat.com/errata/RHSA-2021:2643
cvssv3 5.6 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7598.json
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2020-7598
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2020-7598
epss 0.00155 https://api.first.org/data/v1/epss?cve=CVE-2020-7598
epss 0.00253 https://api.first.org/data/v1/epss?cve=CVE-2020-7598
epss 0.0026 https://api.first.org/data/v1/epss?cve=CVE-2020-7598
epss 0.00881 https://api.first.org/data/v1/epss?cve=CVE-2020-7598
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1813344
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7598
cvssv3.1 8.1 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-vh95-rmgr-6w4m
cvssv3.1 5.6 https://github.com/minimistjs/minimist/commit/10bd4cdf49d9686d48214be9d579a9cdfda37c68
generic_textual MODERATE https://github.com/minimistjs/minimist/commit/10bd4cdf49d9686d48214be9d579a9cdfda37c68
cvssv3.1 5.6 https://github.com/minimistjs/minimist/commit/38a4d1caead72ef99e824bb420a2528eec03d9ab
generic_textual MODERATE https://github.com/minimistjs/minimist/commit/38a4d1caead72ef99e824bb420a2528eec03d9ab
cvssv3.1 5.6 https://github.com/minimistjs/minimist/commit/4cf1354839cb972e38496d35e12f806eea92c11f#diff-a1e0ee62c91705696ddb71aa30ad4f95
generic_textual MODERATE https://github.com/minimistjs/minimist/commit/4cf1354839cb972e38496d35e12f806eea92c11f#diff-a1e0ee62c91705696ddb71aa30ad4f95
cvssv3.1 5.6 https://github.com/minimistjs/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94
generic_textual MODERATE https://github.com/minimistjs/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94
cvssv3.1 9.8 https://github.com/substack/minimist
generic_textual CRITICAL https://github.com/substack/minimist
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2020-7598
cvssv3 5.6 https://nvd.nist.gov/vuln/detail/CVE-2020-7598
cvssv3.1 5.6 https://nvd.nist.gov/vuln/detail/CVE-2020-7598
cvssv3.1 9.8 https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
generic_textual CRITICAL https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
cvssv3.1 5.6 https://www.npmjs.com/advisories/1179
generic_textual MODERATE https://www.npmjs.com/advisories/1179
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html
http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-7598.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7598.json
https://api.first.org/data/v1/epss?cve=CVE-2020-7598
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7598
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/minimistjs/minimist/commit/10bd4cdf49d9686d48214be9d579a9cdfda37c68
https://github.com/minimistjs/minimist/commit/38a4d1caead72ef99e824bb420a2528eec03d9ab
https://github.com/minimistjs/minimist/commit/4cf1354839cb972e38496d35e12f806eea92c11f#diff-a1e0ee62c91705696ddb71aa30ad4f95
https://github.com/minimistjs/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94
https://github.com/substack/minimist
https://github.com/substack/minimist/commit/38a4d1caead72ef99e824bb420a2528eec03d9ab
https://github.com/substack/minimist/commit/4cf1354839cb972e38496d35e12f806eea92c11f#diff-a1e0ee62c91705696ddb71aa30ad4f95
https://github.com/substack/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94
https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
https://www.npmjs.com/advisories/1179
1813344 https://bugzilla.redhat.com/show_bug.cgi?id=1813344
953762 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953762
cpe:2.3:a:substack:minimist:*:*:*:*:*:node.js:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:substack:minimist:*:*:*:*:*:node.js:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
CVE-2020-7598 https://nvd.nist.gov/vuln/detail/CVE-2020-7598
GHSA-vh95-rmgr-6w4m https://github.com/advisories/GHSA-vh95-rmgr-6w4m
RHSA-2020:2362 https://access.redhat.com/errata/RHSA-2020:2362
RHSA-2020:2847 https://access.redhat.com/errata/RHSA-2020:2847
RHSA-2020:2848 https://access.redhat.com/errata/RHSA-2020:2848
RHSA-2020:2849 https://access.redhat.com/errata/RHSA-2020:2849
RHSA-2020:2852 https://access.redhat.com/errata/RHSA-2020:2852
RHSA-2020:2895 https://access.redhat.com/errata/RHSA-2020:2895
RHSA-2020:2992 https://access.redhat.com/errata/RHSA-2020:2992
RHSA-2020:3042 https://access.redhat.com/errata/RHSA-2020:3042
RHSA-2020:3084 https://access.redhat.com/errata/RHSA-2020:3084
RHSA-2020:3247 https://access.redhat.com/errata/RHSA-2020:3247
RHSA-2020:4298 https://access.redhat.com/errata/RHSA-2020:4298
RHSA-2021:2643 https://access.redhat.com/errata/RHSA-2021:2643
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Found at http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7598.json
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://github.com/minimistjs/minimist/commit/10bd4cdf49d9686d48214be9d579a9cdfda37c68
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://github.com/minimistjs/minimist/commit/38a4d1caead72ef99e824bb420a2528eec03d9ab
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://github.com/minimistjs/minimist/commit/4cf1354839cb972e38496d35e12f806eea92c11f#diff-a1e0ee62c91705696ddb71aa30ad4f95
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://github.com/minimistjs/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/substack/minimist
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2020-7598
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2020-7598
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://www.npmjs.com/advisories/1179
Exploit Prediction Scoring System (EPSS)
Percentile 0.43771
EPSS Score 0.00105
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.