security problem: CWE-1333: Inefficient Regular Expression Complexity & CWE-1333: Inefficient Regular Expression Complexity

[kikienelsone]

Hi!

We`re currently using 'npm-run-all' in our project, and noticed that it indirectly depends on 'cross-spawn'.
This version of 'cross-spawn' is affected by a vulnerability classified as CWE-1333: Inefficient Regular Expression Complexity and CWE-1333: Inefficient Regular Expression Complexity. The issue has been reported in our audit tools

The issue is fixed in cross-spawn@7.0.6, but npm-run-all depends on packages that still pull in the vulnerable version.