stoplightio / api-spec-converter

This package helps to convert between different API specifications (Postman, Swagger, RAML, StopLight).
MIT License

Security Vulnerabilities in api-spec-transformer #53

Open MariaClemence opened 5 years ago

MariaClemence commented 5 years ago

We are using api-spec transformer version 0.2.6. We have identified security vulnerabilities in direct and transitive dependencies. Attached are the vulnerability details for reference.

| artifactID | Vulnerability name |
| --- | --- |
| cryptiles-0.2.2.tgz | CVE-2018-1000620 |
| cryptiles-2.0.5.tgz | CVE-2018-1000620 |
| sshpk-1.13.0.tgz | WS-2018-0084 |
| hawk-1.1.1.tgz | CVE-2016-2515 |
| tough-cookie-0.12.1.tgz | CVE-2017-15010 |
| marked-0.3.6.tgz | CVE-2017-16114 |
| tough-cookie-2.3.2.tgz | CVE-2017-15010 |
| marked-0.3.6.tgz | WS-2017-0108 |
| base64url-1.0.6.tgz | WS-2018-0096 |
| hoek-0.9.1.tgz | CVE-2018-3728 |
| hoek-2.16.3.tgz | CVE-2018-3728 |
| lodash-4.17.4.tgz | CVE-2018-3721 |
| request-2.51.0.tgz | WS-2016-0025 |
| marked-0.3.6.tgz | CVE-2017-1000427 |
| bl-0.9.4.tgz | WS-2016-0059 |
| http-signature-0.10.1.tgz | WS-2017-0266 |
| tough-cookie-0.12.1.tgz | CVE-2016-1000232 |
| debug-2.6.8.tgz | CVE-2017-16137 |
| stringstream-0.0.4.tgz | WS-2018-0103 |
| stringstream-0.0.5.tgz | WS-2018-0103 |
| bl-0.9.4.tgz | WS-2018-0074 |
| tunnel-agent-0.4.0.tgz | WS-2018-0076 |
| concat-stream-1.4.10.tgz | WS-2018-0075 |
| node-uuid-1.4.2.tgz | WS-2016-0013 |
| lodash-4.17.4.tgz | WS-2018-0210 |

Kindly support with an assessment of the reported issues; fixes are required.