In dojo the deepCopy method is vulnerable to prototype pollution which could result in code injection. Upstream Reference: https://github.com/dojo/dojo/security/advisories/GHSA-jxfh-8wgv-vfr2
Created dojo tracking bugs for this issue: Affects: epel-all [bug 1812405]
Versions of dojo older than 1.8 do not support `deepCopy`, and thus are not affected by this issue.
Upstream fix : https://github.com/dojo/dojo/commit/20a00afb68f5587946dc76fbeaa68c39bda2171d
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-5258