CVE-2019-10747: set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype and _proto_ payloads.
Please fix it.
Last update: 2019-11-16
Standards version of the package is outdated.
The package should be updated to follow the last version of Debian Policy
(Standards-Version 4.5.0 instead of