Which @angular/* package(s) are the source of the bug?

core

Is this a regression?

Yes

Description

Hello maintainers,

I wanted to bring to your attention that after installing the package, I ran a vulnerability scan with vulert abom on the lock file and discovered that there are over 15 vulnerable dependencies present. As these vulnerabilities can potentially impact the security of the entire project, I am unsure whether to report this under responsible disclosure.

For your reference, here is a link to the report of the package-lock file I scanned: https://vulert.com/vuln-scan/list/a149f3bc-5d76-452e-ae70-68f40d385bfd

I recommend that we take immediate action to address these vulnerabilities and ensure the security of the project. Please let me know if you require any further information.

P.S. this is the lock file i scanned: https://github.com/angular/angular/blob/main/yarn.lock

Thank you.

Please provide a link to a minimal reproduction of the bug

No response

Please provide the exception or error you saw

No response

Please provide the environment you discovered this bug in (run ng version)

No response

Anything else?

No response