@antv/xflow-diff (=1.0.0), @equota/web-designer (>=0.0.4 <=0.0.11) +3 more potentially affected by unknown CVE via @antv/xflow (=2.2.4)

@antv/xflow NPM version =2.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/xflow and may be impacted: - @antv/xflow-diff =1.0.0 - @equota/web-designer =0.0.4, =0.0.1, =1.0.0, =0.1.0, =0.1.1 Source cves: unknown CVE Source advisory:...

EUVD-2006-1851

Malware in sbrugna...