React using npm install it showing vulnerabilities (1 low, 14 moderate, 19 high, 4 critical)
I want to fix all of the high and critical can you provide the solution for this. The message as below after I run npm install
added 1993 packages, and audited 1994 packages in 2m
172 packages are looking for funding
run `npm fund` for details
38 vulnerabilities (1 low, 14 moderate, 19 high, 4 critical)
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
Run `npm audit` for details.
Replies (3)
Hi,
For now, it's impossible to have 0 vulnerabilities packages, cause 3d party libraries should first do their updates. Wait for our updates, I hope in 1 or 2 months packages will migrate to React 18 and all warnings are gone.
Regards,
Keenthemes support
Thank for update 
Hey, Kimmeng, I've been down that npm vulnerability rabbit hole before, and it can be a bit overwhelming, right? Don't worry, you're not alone in this.
First things first, running 'npm audit' is a good call to get more details on those vulnerabilities. Once you've done that, you can try 'npm audit fix' to address the issues that don't require much attention. However, be cautious with 'npm audit fix --force' as it might bring in breaking changes.
If the problem persists, you might want to consider updating the packages manually. Sometimes, the vulnerabilities are fixed in newer versions. Check your 'package.json' for the versions of the packages causing issues and update them one by one.
By the way, I recently came across Andersen, and they have some helpful resources on handling npm vulnerabilities. You might want to check them out for additional insights.
Remember to test your application thoroughly after each update to ensure everything still works as expected. It's a bit time-consuming, but it's worth it for the security of your project.
