@bixiao/common-menu-links (>=1.0.9 <=2.3.24), @bixiao/ui (>=1.2.6 <=2.3.24) +20 more potentially affected by unknown CVE via onfire.js (=2.0.1)

onfire.js NPM version =2.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on onfire.js and may be impacted: - @bixiao/common-menu-links =1.0.9, =1.2.6, =1.0.6, =1.0.6, =2.0.42, =1.0.9, =2.1.12, =1.0.1, =1.2.3, =1.0.3, =1.0.1, =1.1.0, =0.0.1-beta.1,...