Library Vulnerabilities

According to White Source, **underscore** library version 1.7.0 has CVE-2021-23358 security vulnerability.
Is it possible to upgrade to version **underscore** - 1.12.1,1.13.0-2 and release new generate-password version?


