chore(dep) platform-fastify: bump path-to-regexp

[rolandsusans]

PR Checklist

Please check if your PR fulfills the following requirements:

• The commit message follows our guidelines: https://github.com/nestjs/nest/blob/master/CONTRIBUTING.md
• Tests for the changes have been added (for bug fixes / features)
• Docs have been added / updated (for bug fixes / features)

PR Type

What kind of change does this PR introduce?

• Bugfix
• Feature
• Code style update (formatting, local variables)
• Refactoring (no functional changes, no api changes)
• Build related changes
• CI related changes
• Fix security vulnerabilities

What is the current behavior?

Issue Number: 13955

• path-to-regexp npm audit high vulnerable #13955

What is the new behavior?

Does this PR introduce a breaking change?

• Yes
• No

Other information

[coveralls]

Pull Request Test Coverage Report for Build f1640004-b621-4e2e-a448-963a300b35b0

Details

• 0 of 0 changed or added relevant lines in 0 files are covered.
• No unchanged relevant lines lost coverage.
• Overall coverage remained the same at 92.213%

---

Totals
Change from base Build 0b2170fc-d850-443a-8e46-397cb7d6d6fd:	0.0%
Covered Lines:	6750
Relevant Lines:	7320

---

💛 - Coveralls

[mbackermann]

I guess we should use 3.3.0. which also fixed the issue, but has no breaking changes

[rolandsusans]

according to snyk 3.3.0 https://security.snyk.io/package/npm/path-to-regexp/3.3.0 is vulnerable as well 🤷🏻‍♂️

[rolandsusans]

GHSA-9wv6-86v2-598j seems that 3.3.0 does the trick, will update the PR

[erichuang-bh]

FYI:

The 3.3.0 may have the same issue.
https://avd.aquasec.com/nvd/2024/cve-2024-45296/

[rolandsusans]

@erichuang-bh github it was updated just few hours ago:

Could it be, that the tool you are using does not have latest vulnerability db?

[kamilmysliwiec]

Already fixed here #13971