andreizanik / cookies-next

Getting, setting and removing cookies on both client and server with next.js

Vulnerability CVE-2017-18589 Found in Cookies-next

castafab opened this issue

Is there any prediction for a patch that fixes this high-level vulnerability?

Same question

Can you provide more information?
The command npm audit doesn't give any information about it.

That vulnerability was identified using the grype vulnerability scanner.
https://nvd.nist.gov/vuln/detail/CVE-2017-18589

Any news about this issue? The vulnerability was fixed in version 0.7.6 of Cookies (GHSA-vjrq-cg9x-rfjp). Do you have any prediction for updating the cookies version in your dependencies?

I'm not sure if this refers to the cookie package on JS.

Your link is about cookies on Rust.

The vulnerability scanner GRYPE identified that as a vulnerability from your dependency, I assume because you use the cookies dependency in your project.

In this case, I do believe the vulnerability scanner you are using is at fault. It found the word "cookies" in the package.json and did a lookup in a table, where it found a match, but it neglected the fact that the vulnerable package is a Rust crate.

I completely agree
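
The failure mode discussed in this thread, as an added example that is not part of the issue and is not Grype's actual matching logic: a name-only advisory lookup flags an npm dependency for a Rust crate advisory, while an ecosystem-aware lookup does not. The manifests, the advisory record layout, the package name `cookie`, the dependency versions and all function names are constructed assumptions; only the CVE id and the fixed version 0.7.6 come from the thread.

```javascript
// Added example. All manifests and advisory records are constructed sample data.
const npmManifest = { dependencies: { cookie: "^0.4.0", next: "12.0.0" } };
const cargoManifest = { dependencies: { cookie: "0.7.5" } };

// Constructed advisory record: ecosystem + package name + first fixed version.
const advisories = [
  { id: "CVE-2017-18589", ecosystem: "crates.io", name: "cookie", fixed: "0.7.6" },
];

// The manifest type tells us which registry a dependency name belongs to.
const ECOSYSTEM_BY_MANIFEST = { "package.json": "npm", "Cargo.toml": "crates.io" };

// Compare dotted numeric versions: <0 if a < b, 0 if equal, >0 if a > b.
function compareVersions(a, b) {
  const pa = a.split(".").map(Number);
  const pb = b.split(".").map(Number);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const diff = (pa[i] || 0) - (pb[i] || 0);
    if (diff !== 0) return diff;
  }
  return 0;
}

// Flatten a manifest into { ecosystem, name, version } records.
function listDependencies(manifestType, manifest) {
  const ecosystem = ECOSYSTEM_BY_MANIFEST[manifestType];
  return Object.entries(manifest.dependencies || {}).map(([name, range]) => ({
    ecosystem,
    name,
    version: range.replace(/^[\^~]/, ""), // simplification: treat a range as its base version
  }));
}

// Flawed matcher: package name and version only, the lookup described in the thread.
function matchByNameOnly(deps, advs) {
  return deps.flatMap((dep) =>
    advs
      .filter((a) => a.name === dep.name && compareVersions(dep.version, a.fixed) < 0)
      .map((advisory) => ({ dep, advisory }))
  );
}

// Corrected matcher: the advisory's ecosystem must equal the dependency's.
function matchByEcosystem(deps, advs) {
  return matchByNameOnly(deps, advs).filter((m) => m.dep.ecosystem === m.advisory.ecosystem);
}
```

When triaging a real scanner finding, the same comparison applies: check the ecosystem the advisory names against the package type of the flagged dependency before treating the finding as actionable.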