10 matches found

Positive Technologies
added 2026/05/21 12:0 a.m., 7 views

PT-2026-42701

Summary: The copyProps function in lib/src/object/copy.ts uses for...in to iterate over source object properties without an Object.hasOwnProperty check, and does not filter the dangerous keys __proto__, constructor, prototype. This allows an attacker to pollute the prototype chain of all objects in the...

9.2 CVSS, 5.9 AI score
Exploits: 0, References: 3
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2022-0525

Malicious code in bioql PyPI...

9.8 CVSS, 9.4 AI score, 0.00577 EPSS
Exploits: 1, References: 5
vulnersOsv
added 2022/01/06 8:35 p.m., 0 views

@alxandr/gatsby-transformer-blog-post (>=0.1.2 <=0.1.18), @lazurski/gulp (=4.0.0-alpha.2-1) +73 more potentially affected by CVE-2020-28503 via copy-props (=1.6.0)

copy-props NPM version =1.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on copy-props and may be impacted: - @alxandr/gatsby-transformer-blog-post =0.1.2, =0.0.18, =0.3.1-vnext, =0.3.1-vnext, =0.4.116-vnext, =0.3.1-vnext, =0.3.1-vnext, =0.3.1-vnext,...

9.8 CVSS, 7.2 AI score, 0.00577 EPSS
Exploits: 1
OSV
added 2022/01/06 8:35 p.m., 10 views

GHSA-897M-RJF5-JP39 Prototype Pollution in copy-props

The package copy-props before 2.0.5 is vulnerable to Prototype Pollution via the main functionality...

7.3 CVSS, 9.4 AI score, 0.00577 EPSS
Exploits: 1, References: 5
Github Security Blog
added 2022/01/06 8:35 p.m., 21 views

Prototype Pollution in copy-props

The package copy-props before 2.0.5 is vulnerable to Prototype Pollution via the main functionality...

9.8 CVSS, 8.9 AI score, 0.00577 EPSS
Exploits: 1, References: 6, Affected Software: 1
Veracode
added 2021/03/24 4:27 a.m., 16 views

Prototype Pollution

copy-props is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes via the main functionality and modify attributes such as __proto__, constructor and prototype...

9.8 CVSS, 4.3 AI score, 0.00577 EPSS
Exploits: 1, References: 2, Affected Software: 1
OSV
added 2021/03/23 10:15 a.m., 9 views

CVE-2020-28503

The package copy-props before 2.0.5 is vulnerable to Prototype Pollution via the main functionality...

9.8 CVSS, 6.8 AI score
Exploits: 0, References: 3
Cvelist
added 2021/03/23 10:0 a.m., 11 views

CVE-2020-28503 Prototype Pollution

The package copy-props before 2.0.5 is vulnerable to Prototype Pollution via the main functionality...

7.3 CVSS, 9.5 AI score, 0.00577 EPSS
Exploits: 1, References: 3
CVE
added 2021/03/23 10:0 a.m., 67 views

CVE-2020-28503

Copy-props before 2.0.5 is vulnerable to Prototype Pollution via its main functionality. The issue arises from unsafe merge of objects, allowing an attacker to inject properties into Object.prototype (e.g., via __proto__), with potential impact including denial of service and, in some descriptions, ...

9.8 CVSS, 8.4 AI score, 0.00577 EPSS
Exploits: 1, References: 3, Affected Software: 1
CNNVD
added 2021/03/23 12:0 a.m., 3 views

Takayuki Sato copy-props security vulnerability

Takayuki Sato copy-props is an open source application by Takayuki Sato. It is used to deeply copy properties between two objects. A security vulnerability exists in copy-props before 2.0.5, which stems from susceptibility to prototype pollution...

9.8 CVSS, 8.3 AI score, 0.00577 EPSS
Exploits: 1, References: 4