Find real vulnerabilities before they ship
Vulnerability Database › npm › CVE-2020-28450
This affects all versions of package decal. The vulnerability is in the extend function.