A transitive dependency is a library that is included in your project indirectly through another dependency. A vulnerability in a transitive dependency can be fixed by adding a new direct dependency of the library in your project.
This issue has not yet been fixed a released version of the library. Moreover, there are no known mitigation steps. If you are using this library and need help in fixing the issue, we suggest you post on our community help site.
Your minimatch 3.0.0 library, a transitive dependency in your RiseVision/rise-core repository, is subject to vulnerability SID-2489: Regular Expression Denial Of Service (ReDoS).
A transitive dependency is a library that is included in your project indirectly through another dependency. A vulnerability in a transitive dependency can be fixed by adding a new direct dependency of the library in your project.
This issue has not yet been fixed a released version of the library. Moreover, there are no known mitigation steps. If you are using this library and need help in fixing the issue, we suggest you post on our community help site.