Angular-devkit/build-angular 17.0.8: 4 moderate severity vulnerabilities

[lokeshv12]

While installing latest Angular version, I found 4 moderate security vulnerables. Angular devkit is dependent on the Axios module which is causing this vulnerability. Following is the audit report.

npm audit report :
axios 0.8.1 - 1.5.1
Severity: moderate
Axios Cross-Site Request Forgery Vulnerability - GHSA-wf5p-g6vw-rhxx
fix available via npm audit fix --force
Will install @angular-devkit/[email protected], which is a breaking change
node_modules/axios
localtunnel >=1.9.0
Depends on vulnerable versions of axios
node_modules/localtunnel
browser-sync 2.24.0-rc1 - 3.0.0-alpha.2
Depends on vulnerable versions of localtunnel
node_modules/browser-sync
@angular-devkit/build-angular >=17.0.0-next.0
Depends on vulnerable versions of browser-sync
node_modules/@angular-devkit/build-angular

4 moderate severity vulnerabilities

Attack scenario
Cross-Site Request Forgery Vulnerability is a serious security threat the to web sites and hackers can manipulate the data.

[alan-agius4]

Duplicate of #26349

[angular-automatic-lock-bot]

This issue has been automatically locked due to inactivity.
Please file a new issue if you are encountering a similar or related problem.

Read more about our automatic conversation locking policy.

_{This action has been performed automatically by a bot.}