
The package needs to update axios to solve a high-severity vulnerability

Open aliataf opened this issue 4 years ago • 1 comments

A Server-Side Request Forgery (SSRF) vulnerability was found in axios, which is a dependency of lite-server. It is patched in version >=0.21.1, so lite-server should update axios.

aliataf, Jan 08 '21 22:01

The fix here is to upgrade browser-sync to current (3.0.2 as of this comment), as it drops the dependency on localtunnel, which is dependent on the vulnerable version of axios.

PseudoNinja, Apr 25 '24 22:04
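To confirm which installed package actually pulls in an axios older than 0.21.1, the lockfile can be checked directly. The following is an added example, not code from this thread or from lite-server; it assumes an npm lockfile with a `packages` map (lockfileVersion 2 or 3), and the sample lockfile and its version numbers are constructed for illustration.

```javascript
// Added example: audit an npm lockfile "packages" map for axios copies below 0.21.1.
const FIXED = [0, 21, 1]; // first patched axios version, as stated in the issue

// True when "x.y.z" is lower than FIXED (pre-release suffixes are ignored).
function isVulnerable(version) {
  const p = version.split("-")[0].split(".").map(Number);
  for (let i = 0; i < 3; i++) if ((p[i] || 0) !== FIXED[i]) return (p[i] || 0) < FIXED[i];
  return false;
}

// Node-style resolution: nearest node_modules/<name>, walking up from package key `from`.
function resolve(packages, from, name) {
  let dir = from;
  for (;;) {
    const key = (dir ? dir + "/" : "") + "node_modules/" + name;
    if (packages[key]) return key;
    if (!dir) return null;
    const cut = dir.lastIndexOf("node_modules/");
    dir = cut <= 0 ? "" : dir.slice(0, cut - 1);
  }
}

// Returns one record per vulnerable axios copy, with the packages that resolve to it.
function findVulnerableAxios(lock) {
  const packages = lock.packages || {};
  const hits = new Map();
  for (const [key, meta] of Object.entries(packages)) {
    if (/(^|\/)node_modules\/axios$/.test(key) && isVulnerable(meta.version))
      hits.set(key, { axios: key, version: meta.version, requiredBy: [] });
  }
  for (const [key, meta] of Object.entries(packages)) {
    if (!meta.dependencies || !("axios" in meta.dependencies)) continue; // runtime deps only
    const target = resolve(packages, key, "axios");
    if (hits.has(target)) hits.get(target).requiredBy.push(key || "(root)");
  }
  return [...hits.values()];
}

// Constructed sample lockfile; all version numbers here are illustrative.
const sampleLock = { packages: {
  "": { dependencies: { "lite-server": "*", axios: "^0.21.1" } },
  "node_modules/axios": { version: "0.21.1" },
  "node_modules/lite-server": { version: "0.0.0", dependencies: { "browser-sync": "*" } },
  "node_modules/browser-sync": { version: "0.0.0", dependencies: { localtunnel: "*" } },
  "node_modules/localtunnel": { version: "0.0.0", dependencies: { axios: "*" } },
  "node_modules/localtunnel/node_modules/axios": { version: "0.19.0" },
} };

console.log(JSON.stringify(findVulnerableAxios(sampleLock), null, 2));
```

On a real project, pass the parsed contents of `package-lock.json` to `findVulnerableAxios`; an empty result after upgrading browser-sync means no copy below 0.21.1 remains in the tree.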