bynder-js-sdk node upgrade

[mfaridk]

Hi, bynder-js-sdk is using an outdated version of many libraries, is it possible to bring bynder-js-sdk on the latest node?

This package has too many security issues because of the outdated libraries.

Issues with no direct upgrade or patch:
✗ Cross-site Request Forgery (CSRF) [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459] in axios@0.27.2
introduced by @bynder/bynder-js-sdk@2.3.9 > axios@0.27.2
This issue was fixed in versions: 0.28.0, 1.6.0
✗ Regular Expression Denial of Service (ReDoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6124857] in axios@0.27.2
introduced by @bynder/bynder-js-sdk@2.3.9 > axios@0.27.2
This issue was fixed in versions: 1.6.3
✗ Prototype Pollution [High Severity][https://security.snyk.io/vuln/SNYK-JS-AXIOS-6144788] in axios@0.27.2
introduced by @bynder/bynder-js-sdk@2.3.9 > axios@0.27.2
This issue was fixed in versions: 1.6.4

FYI... @elseee @erikvanbrakel

[ryn101]

I'm also seeing this vulnerability https://security.snyk.io/vuln/SNYK-JS-HAPIHOEK-548452 due to the outdated usage of simple-oauth2 v2.5.1 (latest is v5.0)