yarn-audit-known-issues

{"value":"@types/helmet","children":{"ID":"@types/helmet (deprecation)","Issue":"This is a stub types definition. helmet provides its own type definitions, so you do not need this installed.","Severity":"moderate","Vulnerable Versions":"4.0.0","Tree Versions":["4.0.0"],"Dependents":["rpe-expressjs-template@workspace:."]}}
{"value":"axios","children":{"ID":1103618,"Issue":"axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL","URL":"https://github.com/advisories/GHSA-jr5f-v2jv-69x6","Severity":"high","Vulnerable Versions":">=1.0.0 <1.8.2","Tree Versions":["1.7.4"],"Dependents":["rpe-expressjs-template@workspace:."]}}
{"value":"brace-expansion","children":{"ID":1105444,"Issue":"brace-expansion Regular Expression Denial of Service vulnerability","URL":"https://github.com/advisories/GHSA-v6h2-p8h4-qcjw","Severity":"low","Vulnerable Versions":">=2.0.0 <=2.0.1","Tree Versions":["2.0.1"],"Dependents":["minimatch@npm:9.0.5"]}}
{"value":"cookie","children":{"ID":1103907,"Issue":"cookie accepts cookie name, path, and domain with out of bounds characters","URL":"https://github.com/advisories/GHSA-pxg6-pf52-xh8x","Severity":"low","Vulnerable Versions":"<0.7.0","Tree Versions":["0.4.0"],"Dependents":["csurf@npm:1.11.0"]}}
{"value":"csurf","children":{"ID":"csurf (deprecation)","Issue":"This package is archived and no longer maintained. For support, visit https://github.com/expressjs/express/discussions","Severity":"moderate","Vulnerable Versions":"1.11.0","Tree Versions":["1.11.0"],"Dependents":["rpe-expressjs-template@workspace:."]}}
{"value":"formidable","children":{"ID":1105075,"Issue":"Formidable relies on hexoid to prevent guessing of filenames for untrusted executable content","URL":"https://github.com/advisories/GHSA-75v8-2h7p-7m2m","Severity":"low","Vulnerable Versions":">=3.1.1-canary.20211030 <3.5.3","Tree Versions":["3.5.2"],"Dependents":["superagent@npm:9.0.2"]}}