EPSS
Percentile
81.0%
copy-props is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes via the main functionality and modify attributes such as __proto__, constructor and prototype.
__proto__
constructor
prototype
github.com/gulpjs/copy-props/commit/2c738f5c52cfb384b43d977a56a3ab7ce465df9b
github.com/gulpjs/copy-props/pull/7