Affected versions of sds
are vulnerable to prototype pollution. The set
function does not restrict the modification of an Object’s prototype, which may allow an attacker to add or modify an existing property that will exist on all objects.
Upgrade to version 4.0.0 or later