#### Found **16** vulnerabilities within **831** dependencies. | Critical | High | Moderate | Low | Info | |:---------|:-----|:---------|:----|:-----| | 0 | 10 | 6 | 0 | 0 | #### Known vulnerabilities: | Name | Package name | Severity | CVEs | Recommendation | |:--------------------|:--------------------|:---------------------------------|:-------|:-------| | [ Inefficient Regular Expression Complexity in chalk/ansi-regex](https://github.com/advisories/GHSA-93q8-gq69-wqmw) | [ansi-regex](https://www.npmjs.com/package/ansi-regex) | moderate | [CWE-918](https://www.security-database.com/cwe.php?name=CWE-918), [CVE-2021-3807](https://nvd.nist.gov/vuln/detail/CVE-2021-3807) | Upgrade to version 5.0.1 or later | | [Prototype Pollution in set-value](https://github.com/advisories/GHSA-4jqc-8m5r-9rpr) | [set-value](https://www.npmjs.com/package/set-value) | high | [CWE-843](https://www.security-database.com/cwe.php?name=CWE-843), [CVE-2021-23440](https://nvd.nist.gov/vuln/detail/CVE-2021-23440) | Upgrade to version 4.0.1 or later | #### Recommended actions: | Package | Action | Target version | Major update | What to do | |:--------|:-------|:---------------|:----------------|:-----------| | [ansi-regex](https://www.npmjs.com/package/ansi-regex) | update | 5.0.1 | | npm update ansi-regex --depth 4 | | [ansi-regex](https://www.npmjs.com/package/ansi-regex) | review | | | Manual review | | [set-value](https://www.npmjs.com/package/set-value) | review | | | Manual review | It seems that most of them are coming from `hellosign-sdk > expect`
Found 16 vulnerabilities within 831 dependencies.
Known vulnerabilities:
Recommended actions:
It seems that most of them are coming from
hellosign-sdk > expect