NPM Audit Fix Looping

[ReyWins]

Hi all!

After updating to the latest version 4.2.4, I still get a report that a low severity vulnerability was detected within this version.

fast-xml-parser  =4.2.4
fast-xml-parser regex vulnerability patch could be improved from a safety perspective - https://github.com/advisories/GHSA-gpv5-7x3g-ghjv
fix available via `npm audit fix`
node_modules/fast-xml-parser

1 low severity vulnerability

To address all issues, run:
 npm audit fix

When I run the npm audit fix it keeps telling me that there is a vulnerability found. Note, it did say high vulnerability prior to updating all the npm packages. However, now it still shows low.

So the question is, is this correct? Or am I doing something incorrectly with my npm commands?

Thank you!

Alex

[amitguptagwl]

There were few versions in past which were vulnerable. Please check changelog for better visibility. Switch to the latest version if possible.