BharatSeva / Client-Interface

A client-facing portal where clients can access their records, make appointments, and use other healthcare services.
http://20.51.184.243/client/login?health_id=HID5dd1c870-6308-4713-8&pass=12345
MIT License
9 stars, 13 forks

[Security] Resolve Multiple Vulnerabilities Detected in NPM Packages #26

Closed vaibhavyadav-dev closed 1 month ago

vaibhavyadav-dev commented 1 month ago

Description

A number of vulnerabilities were detected in the following NPM packages. Immediate action is required to mitigate potential security risks.

List of Vulnerabilities:

  1. Babel - Arbitrary code execution
     Severity: Critical
     Affected Package: babel/traverse

  2. path-to-regexp - Backtracking regular expressions
     Severity: High
     Affected Package: path-to-regexp

  3. axios - Server-Side Request Forgery
     Severity: High
     Affected Package: axios

  4. braces - Uncontrolled resource consumption
     Severity: High
     Affected Package: braces

  5. semver - Regular Expression Denial of Service (ReDoS)
     Severity: High
     Affected Package: semver

  6. nth-check - Inefficient Regular Expression Complexity
     Severity: High
     Affected Package: nth-check

  7. rollup - DOM Clobbering Gadget leads to XSS
     Severity: High
     Affected Package: rollup

  8. body-parser - Denial of Service with URL Encoding
     Severity: High
     Affected Package: body-parser

  9. @adobe/css-tools - ReDoS while parsing CSS
     Severity: Moderate
     Affected Package: @adobe/css-tools

Steps to Reproduce:

  1. Review the vulnerabilities in package-lock.json.
  2. Identify the versions of the affected packages.
  3. Update to the latest patched versions or remove vulnerable packages where possible.

Expected Outcome:

Labels:
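An added example, not code from the BharatSeva repository, covering steps 1 and 2 of the procedure above: it walks a parsed package-lock.json (v1 and v2/v3 layouts) and lists every installed copy of the packages named in the issue, including nested duplicates that a top-level check would miss. The sample lockfile and its version numbers are constructed, and "@babel/traverse" is assumed to be the scoped name meant by "babel/traverse".

```javascript
// Added example (not BharatSeva code): list every installed copy of the packages
// named in this issue from a parsed package-lock.json, nested duplicates included.
// Packages from the issue list; "@babel/traverse" is assumed to be the scoped
// name meant by "babel/traverse".
const AFFECTED = [
  '@babel/traverse', 'path-to-regexp', 'axios', 'braces', 'semver',
  'nth-check', 'rollup', 'body-parser', '@adobe/css-tools',
];

// v2/v3 keys look like "node_modules/a/node_modules/@s/b"; the name follows the last "node_modules/".
function nameFromPath(p) {
  return p.split('node_modules/').pop();
}

// Lockfile v1 nests dependencies as a tree; flatten it into path records.
function walkV1(deps, prefix, out) {
  for (const [name, info] of Object.entries(deps || {})) {
    const path = `${prefix}node_modules/${name}`;
    out.push({ path, name, version: info.version, dev: !!info.dev });
    walkV1(info.dependencies, `${path}/`, out);
  }
}

// Return [{path, name, version, dev}] for affected packages, sorted by path so nested copies are adjacent.
function findAffected(lock, affected = AFFECTED) {
  const entries = [];
  if (lock.packages) {
    for (const [path, info] of Object.entries(lock.packages)) {
      if (path === '') continue; // the root project entry
      entries.push({ path, name: info.name || nameFromPath(path), version: info.version, dev: !!info.dev });
    }
  } else {
    walkV1(lock.dependencies, '', entries);
  }
  const wanted = new Set(affected);
  return entries.filter((e) => wanted.has(e.name)).sort((a, b) => (a.path < b.path ? -1 : 1));
}

// Constructed sample (v3 layout, made-up versions); the nested semver is what a top-level-only check misses.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'client-interface' },
    'node_modules/axios': { version: '1.6.0' },
    'node_modules/semver': { version: '7.5.2' },
    'node_modules/foo/node_modules/semver': { version: '5.7.1', dev: true },
    'node_modules/@babel/traverse': { version: '7.22.0', dev: true },
  },
};
```

Against a real lockfile, call `findAffected(JSON.parse(fs.readFileSync('package-lock.json', 'utf8')))` and compare each reported version with the advisory's patched range before upgrading.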

kalyan90 commented 1 month ago

@vaibhavyadav-dev I can look into this one, can you please assign this to me?

kalyan90 commented 1 month ago

@vaibhavyadav-dev PR has been submitted to address this issue https://github.com/BharatSeva/BharatSeva-Plus-User-Interface/pull/28

vaibhavyadav-dev commented 1 month ago

ok @kalyan90