The marked dependency defined in package-lock.json has a known moderate severity security vulnerability in version range < 0.3.9 and should be updated.