Description
The package copy-props before 2.0.5 are vulnerable to Prototype Pollution via the main functionality.
Remediation
References
https://github.com/gulpjs/copy-props/pull/7
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1088047
https://snyk.io/vuln/SNYK-JS-COPYPROPS-1082870
Related Vulnerabilities
CVE-2020-36187 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2021-21661 Vulnerability in maven package org.jenkins-ci.plugins:kubernetes-cli
CVE-2022-38369 Vulnerability in maven package org.apache.iotdb:iotdb-server
CVE-2022-25927 Vulnerability in maven package org.webjars.npm:github-com-faisalman-ua-parser-js