
Vulnerability with ejs which is dependent on @angular-eslint/builder (ejs lacks certain pollution protection) #1804

Open
pramodhcm opened this issue May 4, 2024 · 1 comment
Labels
package: builder Angular CLI builder which enables executing ESLint in Angular CLI workspaces triage This issue needs to be looked at and categorized by a maintainer

Comments

@pramodhcm

Description and versions:
"@angular-eslint/builder": "^16.2.0",
"@nx/devkit": "16.5.1",
"ejs": "^3.1.7",

Run "npm run audit" on a new project to reproduce the error below:

| ID | Module | Title | Paths | Sev. | URL | Ex. |
|---|---|---|---|---|---|---|
| 1097210 | ejs | ejs lacks certain pollution protection | ejs | moderate | GHSA-ghr5-ch3p-vcr6 | n |

PS C:\Users\pramocm\Desktop\XMP- Frontend> ng version


Angular CLI: 16.2.14
Node: 20.11.0 (Unsupported)
Package Manager: npm 10.3.0
OS: win32 x64

Angular: 16.2.12
... animations, cdk, common, compiler, compiler-cli, core, forms
... language-service, platform-browser, platform-browser-dynamic
... router

Package Version

@angular-devkit/architect 0.1602.14
@angular-devkit/build-angular 16.2.14
@angular-devkit/core 16.2.14
@angular-devkit/schematics 16.2.14
@angular/cli 16.2.14
@schematics/angular 16.2.14
rxjs 7.8.1
typescript 4.9.5
zone.js 0.13.3

Warning: The current version of Node (20.11.0) is not supported by Angular.

@pramodhcm pramodhcm added package: builder Angular CLI builder which enables executing ESLint in Angular CLI workspaces triage This issue needs to be looked at and categorized by a maintainer labels May 4, 2024
@json-derulo
Contributor

This looks like a duplicate of #1776. The dependency on ejs comes from @nx/devkit and not from Angular ESLint directly. Also, because the dependency range is defined as ^3.1.7 and v3.1.10 is not vulnerable, npm update or npm audit fix should resolve the vulnerability.
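The comment's reasoning (a transitive dependency pinned with a caret range can be lifted to a fixed release without any change in angular-eslint) is easy to verify offline from a lockfile. The script below is an added example and is not code from this issue, from angular-eslint or from Nx: it walks a package-lock.json (lockfileVersion 3 layout, where `packages` is keyed by install path), finds every installed copy of a package, reports who depends on it and with which range, and checks whether that range would admit the fixed version. The embedded lockfile is constructed to mirror the chain named in the thread (@angular-eslint/builder -> @nx/devkit -> ejs); the intermediate package versions and the installed ejs 3.1.9 are illustrative, and the fixed version 3.1.10 is taken from the comment. Only the `^x.y.z` range form shown in the issue is handled.

```javascript
// Added example (not from the issue, angular-eslint or Nx): audit a lockfile
// offline for a vulnerable transitive dependency and decide whether the
// dependants' declared ranges can reach the fixed release.
const FIXED_EJS = "3.1.10"; // first non-vulnerable ejs version, per the comment

// Constructed lockfile fragment; versions of intermediate packages are illustrative.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", dependencies: { "@angular-eslint/builder": "^16.2.0" } },
    "node_modules/@angular-eslint/builder": { version: "16.3.1", dependencies: { "@nx/devkit": "16.5.1" } },
    "node_modules/@nx/devkit": { version: "16.5.1", dependencies: { ejs: "^3.1.7" } },
    "node_modules/ejs": { version: "3.1.9" },
  },
};

function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(v);
  if (!m) throw new Error(`unparseable version: ${v}`);
  return m.slice(1, 4).map(Number);
}

// -1, 0 or 1, comparing major.minor.patch numerically
function compareVersions(a, b) {
  const pa = parseVersion(a), pb = parseVersion(b);
  for (let i = 0; i < 3; i++) if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  return 0;
}

// Does a caret range such as ^3.1.7 admit `version`? A caret keeps the
// leftmost non-zero component fixed; only the ^x.y.z form is supported.
function caretAllows(range, version) {
  if (!range.startsWith("^")) throw new Error(`unsupported range: ${range}`);
  const floor = range.slice(1);
  if (compareVersions(version, floor) < 0) return false;
  const base = parseVersion(floor), v = parseVersion(version);
  if (base[0] !== 0) return v[0] === base[0];
  if (base[1] !== 0) return v[0] === 0 && v[1] === base[1];
  return v[0] === 0 && v[1] === 0 && v[2] === base[2];
}

// "node_modules/@nx/devkit" -> "@nx/devkit"; nested installs use the last segment
function packageNameFromPath(p) {
  const idx = p.lastIndexOf("node_modules/");
  return p.slice(idx + "node_modules/".length);
}

// One finding per installed copy of `pkg`: path, installed version, whether it
// is below the fixed version, and every dependant with its declared range.
function auditTransitive(lock, pkg, fixedVersion) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages)) {
    if (path === "" || packageNameFromPath(path) !== pkg) continue;
    const dependants = [];
    for (const [parentPath, parent] of Object.entries(lock.packages)) {
      const range = parent.dependencies && parent.dependencies[pkg];
      if (!range) continue;
      dependants.push({
        name: parentPath === "" ? parent.name || "(root)" : packageNameFromPath(parentPath),
        range,
        rangeAllowsFix: caretAllows(range, fixedVersion),
      });
    }
    findings.push({
      path,
      installed: entry.version,
      vulnerable: compareVersions(entry.version, fixedVersion) < 0,
      dependants,
    });
  }
  return findings;
}

for (const f of auditTransitive(sampleLock, "ejs", FIXED_EJS)) {
  console.log(`${f.path}@${f.installed}: ${f.vulnerable ? "VULNERABLE" : "ok"}`);
  for (const d of f.dependants) {
    console.log(`  required by ${d.name} (${d.range}): ` +
      `${d.rangeAllowsFix ? "npm update can reach" : "range cannot reach"} ${FIXED_EJS}`);
  }
}
```

When a dependant's range cannot reach the fixed version (for example an exact pin), `npm update` will not help and the fix has to come from a new release of that dependant, which is the situation the comment rules out here because @nx/devkit declares `^3.1.7`. To run this against a real project, replace `sampleLock` with `JSON.parse(fs.readFileSync("package-lock.json"))`.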
