The package is unmaintained and using a vulnerable dependency:
request *
Severity: moderate
Server-Side Request Forgery in Request - https://github.com/advisories/GHSA-p8p7-x288-28g6
Depends on vulnerable versions of tough-cookie
No fix available
node_modules/node-quickbooks/node_modules/request
node_modules/request
@sendgrid/client <=6.5.5
Depends on vulnerable versions of request
node_modules/@sendgrid/client
@sendgrid/mail <=6.5.5
Depends on vulnerable versions of @sendgrid/client
node_modules/@sendgrid/mail
nodemailer-sendgrid *
Depends on vulnerable versions of @sendgrid/mail
node_modules/nodemailer-sendgrid
The package is unmaintained and using a vulnerable dependency: