Describe the bug
This package is dependent on an old version of postman-collection which is dependent on a vulnerable semver version.
To Reproduce
When running npm audit the following output appears:
semver 7.0.0 - 7.5.1
Severity: moderate
semver vulnerable to Regular Expression Denial of Service - https://github.com/advisories/GHSA-c2qf-rxjj-qqgw
fix available via `npm audit fix --force`
Will install postman-code-generators@1.0.2, which is a breaking change
node_modules/postman-collection/node_modules/semver
postman-collection 3.6.0-beta.1 - 4.1.7
Depends on vulnerable versions of semver
node_modules/postman-collection
postman-code-generators >=1.1.0
Depends on vulnerable versions of postman-collection
node_modules/postman-code-generators
3 moderate severity vulnerabilities
Describe the bug This package is dependent on an old version of
postman-collection
which is dependent on a vulnerablesemver
version.To Reproduce When running
npm audit
the following output appears:Fix suggestion Update
postman-collection
to version4.4.0
.Additional context