GHSA-mh6f-8j2x-4483: Critical severity vulnerability that affects event-stream and flatmap-stream

Severity: Critical

CVSS Score: 9.8

The NPM package `flatmap-stream` is considered malicious. A malicious actor added this package as a dependency to the NPM `event-stream` package in version `3.3.6`. Users of `event-stream` are encouraged to downgrade to the last non-malicious version, `3.3.4`, or upgrade to the latest 4.x version. Users of `flatmap-stream` are encouraged to remove the dependency entirely.