Skip to content

[Aikido] Fix critical issue in minimist via minor version upgrade from 1.2.5 to 1.2.6 in server#31

Open
aikido-autofix[bot] wants to merge 1 commit into
masterfrom
fix/aikido-security-KAN-2584-KAN-2612-KAN-2644update-packages-26977087-s7qv
Open

[Aikido] Fix critical issue in minimist via minor version upgrade from 1.2.5 to 1.2.6 in server#31
aikido-autofix[bot] wants to merge 1 commit into
masterfrom
fix/aikido-security-KAN-2584-KAN-2612-KAN-2644update-packages-26977087-s7qv

Conversation

@aikido-autofix

Copy link
Copy Markdown

Upgrade minimist to fix critical Prototype Pollution vulnerability that could allow arbitrary code execution through malicious input.

✅ There are no breaking changes

✅ 1 CVE resolved by this upgrade, including 1 critical 🚨 CVE

This PR will resolve the following CVEs:

Issue Severity           Description
CVE-2021-44906
🚨 CRITICAL
[minimist] <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95).
🔗 Related Tasks

@aikido-autofix aikido-autofix Bot added bug Something isn't working documentation Improvements or additions to documentation labels Apr 27, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

bug Something isn't working documentation Improvements or additions to documentation

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants