Vulnerabilities in Next.js 10.0.1

[rmkanda]

Bug report

Describe the bug

Vulnerabilities in Next.js 10.0.1

To Reproduce

1. npm install next
2. npm audit

System information

• Version of Next.js: [e.g. 10.0.1]
• Version of Node.js: [e.g. v15.1.0]

Additional context

# npm audit report

node-fetch  <=2.6.0 || 3.0.0-beta.1 - 3.0.0-beta.8
Denial of Service - https://npmjs.com/advisories/1556
fix available via `npm audit fix --force`
Will install next@9.4.4, which is a breaking change
node_modules/node-fetch
  @ampproject/toolbox-optimizer  >=2.0.0-alpha.0
  Depends on vulnerable versions of @ampproject/toolbox-validator-rules
  Depends on vulnerable versions of cross-fetch
  Depends on vulnerable versions of node-fetch
  node_modules/@ampproject/toolbox-optimizer
    next  >=9.4.5-canary.13
    Depends on vulnerable versions of @ampproject/toolbox-optimizer
    node_modules/next
  cross-fetch  <=3.0.5
  Depends on vulnerable versions of node-fetch
  node_modules/cross-fetch
    @ampproject/toolbox-validator-rules  >=1.0.0-beta.5
    Depends on vulnerable versions of cross-fetch
    node_modules/@ampproject/toolbox-validator-rules

5 low severity vulnerabilities

To address all issues (including breaking changes), run:
  npm audit fix --force

[timneutkens]

Duplicate of #17416
Duplicate of #17250

[balazsorban44]

This issue has been automatically locked due to no recent activity. If you are running into a similar issue, please create a new issue with the steps to reproduce. Thank you.