nhn / tui.image-editor

🍞🎨 Full-featured photo image editor using canvas. It is really easy, and it comes with great filters.
http://ui.toast.com/tui-image-editor
MIT License

Vulnerable dependencies found in latest version #922

Open sakshibatra16 opened 4 weeks ago

sakshibatra16 commented 4 weeks ago

Describe the bug: The package is using old versions of child dependencies, which have vulnerabilities of very high severity. One of the packages is tough-cookie, whose version used is V3.0.1, which is vulnerable, and its minimum version that needs to be upgraded to is V4.1.3.

To Reproduce: Steps to reproduce the behavior:

  1. Install the npm package
  2. Observe the package-lock.json file with the child dependencies.
  3. Getting vulnerable versions of child dependencies.

Expected behavior: The latest package, or a package with no vulnerability, should be used.

Additional context: We have been using this package for a long time. Due to this vulnerability in this package, we have to remove this package and find an alternative if this issue is not fixed.