Because Yarn projects allow for multiple versions of the same library, you cannot override a vulnerable library by adding the appropriate version directly to the configuration file.
To complete this task:
resolutionssection to your
resolutionssection already exists, add
"cookie-signature": "1.0.4"to it.
After completing these steps, build, test, and rescan your project to ensure the fix succeeded.