Malicious code in set-nested-prop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e3ace4ffb79a5de4b7a82ae75ffdcccb6233dce2bfa2a4f32f70a3dc6921a03 The package set-nested-prop was found to contain malicious code. Source: ghsa-malware 35b0b9a8f67ec13668f93a14f45e037dc7cb3c33fa4c688e13b10a3cd2c5d3a...

@cycle-mega-driver/database (>=0.2.1 <=0.3.2), @fluidnotions/rx-pouch (>=0.6.7 <=0.6.8) +3 more potentially affected by unknown CVE via set-nested-prop (=2.0.0)

set-nested-prop NPM version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on set-nested-prop and may be impacted: - @cycle-mega-driver/database =0.2.1, =0.6.7, =1.0.0, =0.3.0, =0.6.9 Source cves: unknown CVE Source advisory: OSV:MAL-2025-191010...

EUVD-2025-199033

Malicious code in set-nested-prop npm...

MAL-2025-191010 Malicious code in set-nested-prop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e3ace4ffb79a5de4b7a82ae75ffdcccb6233dce2bfa2a4f32f70a3dc6921a03 The package set-nested-prop was found to contain malicious code. Source: ghsa-malware 35b0b9a8f67ec13668f93a14f45e037dc7cb3c33fa4c688e13b10a3cd2c5d3a...

@cycle-mega-driver/database (>=0.2.1 <=0.3.2), @fluidnotions/rx-pouch (>=0.6.7 <=0.6.8) +3 more potentially affected by unknown CVE via set-nested-prop (=2.0.0)

set-nested-prop NPM version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on set-nested-prop and may be impacted: - @cycle-mega-driver/database =0.2.1, =0.6.7, =1.0.0, =0.3.0, =0.6.9 Source cves: unknown CVE Source advisory:...