Vulnerable Package issue exists @ Npm-ua-parser-js-0.7.29 in branch main

This package downloads a harmful file.
File hash:
ea131cc5ccf6aa6544d6cb29cdb78130feed061d2097c6903215be1499464c2e

About

Using a dynamic analysis environment (also known as a Sandbox) we can monitor filesystem activity such as newly created files within the lifecycle of the code package.

Once new files are created, our technology analyzes each of the newly created files. In case a file is harmful, this risk is shown.

Namespace: James-AST
Repository: msft
Repository Url: https://github.com/James-AST/msft
CxAST-Project: James-AST/msft
CxAST platform scan: d217bf9e-499c-4ae8-a115-08b6cd62b182
Branch: main
Application: msft
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: Harmful File Download

Addition Info