Description
The package copy-props before 2.0.5 are vulnerable to Prototype Pollution via the main functionality.
Remediation
References
https://github.com/gulpjs/copy-props/pull/7
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1088047
https://snyk.io/vuln/SNYK-JS-COPYPROPS-1082870
Related Vulnerabilities
CVE-2022-41404 Vulnerability in maven package org.ini4j:ini4j
CVE-2020-11998 Vulnerability in maven package org.apache.activemq:activemq-broker
CVE-2022-23496 Vulnerability in maven package nl.basjes.parse.useragent:yauaa-nifi-parent
CVE-2023-3620 Vulnerability in npm package tarteaucitronjs
CVE-2021-45105 Vulnerability in maven package org.apache.logging.log4j:log4j-core