Advisories for Npm/Set-Value package

This affects the package set-value A type confusion vulnerability can lead to a bypass of CVE-2019-10747 when the user-provided keys used in the path parameter are arrays.

set-value is vulnerable to Prototype Pollution. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype and proto payloads.