This repository was archived by the owner on Mar 26, 2025. It is now read-only.

can you fix security issues? thanks #82

@epubreader

Debugger attached.

npm audit report

lodash <=4.17.20
Severity: high
Prototype Pollution in lodash - GHSA-p6mc-m468-83gw
Command Injection in lodash - GHSA-35jh-r3h4-6jhm
Regular Expression Denial of Service (ReDoS) in lodash - GHSA-29mw-wpgm-hmr9
No fix available
node_modules/coinbase-commerce-node/node_modules/lodash
coinbase-commerce-node *
Depends on vulnerable versions of lodash
Depends on vulnerable versions of request
node_modules/coinbase-commerce-node

qs 6.5.0 - 6.5.2
Severity: high
qs vulnerable to Prototype Pollution - GHSA-hrpp-h998-j3pp
fix available via npm audit fix
node_modules/request/node_modules/qs

request *
Severity: moderate
Server-Side Request Forgery in Request - GHSA-p8p7-x288-28g6
Depends on vulnerable versions of tough-cookie
fix available via npm audit fix
node_modules/request

semver 7.0.0 - 7.5.1
Severity: moderate
semver vulnerable to Regular Expression Denial of Service - GHSA-c2qf-rxjj-qqgw
fix available via npm audit fix
node_modules/@npmcli/fs/node_modules/semver

tough-cookie <4.1.3
Severity: moderate
tough-cookie Prototype Pollution vulnerability - GHSA-72xf-g2v4-qvf3
fix available via npm audit fix
node_modules/tough-cookie

6 vulnerabilities (3 moderate, 3 high)

To address issues that do not require attention, run:
npm audit fix

Some issues need review, and may require choosing
a different dependency.
