ANSWER:
Moderate issue does not impact this repo since EKS is not used.
# npm audit report
aws-cdk-lib *
Severity: moderate
AWS CDK EKS overly permissive trust policies - https://github.com/advisories/GHSA-rx28-r23p-2qc3
Depends on vulnerable versions of semver
fix available via `npm audit fix --force`
Will install aws-cdk-lib@2.87.0, which is outside the stated dependency range
node_modules/aws-cdk-lib
semver 7.0.0 - 7.5.1
Severity: moderate
semver vulnerable to Regular Expression Denial of Service - https://github.com/advisories/GHSA-c2qf-rxjj-qqgw
fix available via `npm audit fix --force`
Will install aws-cdk-lib@2.87.0, which is outside the stated dependency range
node_modules/aws-cdk-lib/node_modules/semve
Steps to reproduce the problem
ANSWER: NA
Specifications like the version of the project, operating system, or hardware
Expected behavior and actual behavior
ANSWER: Moderate issue does not impact this repo since EKS is not used.
Steps to reproduce the problem
ANSWER: NA
Specifications like the version of the project, operating system, or hardware
ANSWER: as of Jul 17, 2023