Snyk lists http-cache-semantics as having a Regular Expression Denial of Service (ReDoS) security vulnerability for any versions prior to 4.1.1. Read here for more info.
In this package, the dependency on "got": "^11.8.5" internally has a dependency on "cacheable-request": "^7.0.2", which in turn has a dependency on "http-cache-semantics": "^4.0.0" -- which is tied to a minor version that has the security vulnerability mentioned above.
Snyk lists
http-cache-semantics
as having a Regular Expression Denial of Service (ReDoS) security vulnerability for any versions prior to4.1.1
. Read here for more info.In this package, the dependency on
"got": "^11.8.5"
internally has a dependency on"cacheable-request": "^7.0.2"
, which in turn has a dependency on"http-cache-semantics": "^4.0.0"
-- which is tied to a minor version that has the security vulnerability mentioned above.