[Adaptivecards Templating]: adaptivecards-templating depends on vulnerable version of adaptive-expressions #9351
Description
After installing the latest version of adaptivecards-templating, I'm getting a warning about critical vulnerability in the fast-xml-parser that is transitive dependency of adaptive-expressions:
npm audit report
fast-xml-parser 4.1.3 - 5.3.5
Severity: critical
fast-xml-parser affected by DoS through entity expansion in DOCTYPE (no expansion limit) - GHSA-jmr7-xgp7-cmfj
fast-xml-parser has an entity encoding bypass via regex injection in DOCTYPE entity names - GHSA-m7jm-9gc2-mpf2
fix available via npm audit fix
node_modules/fast-xml-parser
adaptive-expressions >=4.20.1-rc
Depends on vulnerable versions of fast-xml-parser
node_modules/adaptive-expressions
2 vulnerabilities (1 high, 1 critical)
Tried to fix with npm audit fix, but it does not fix the issue.