Added 17 vulnerabilities

[JeffWScott]

I went from "0 vulnerabilities" to "17 vulnerabilities (12 low, 5 high)" just by installing this package.

$ npm install helius-sdk
npm warn deprecated @irys/[email protected]: Arweave support is deprecated - We recommend migrating to the Irys datachain: https://migrate-to.irys.xyz/

added 260 packages, and audited 377 packages in 19s

88 packages are looking for funding
  run `npm fund` for details

17 vulnerabilities (12 low, 5 high)

To address all issues, run:
  npm audit fix

Run `npm audit` for details.

$ npm remove helius-sdk

removed 260 packages, and audited 117 packages in 2s

14 packages are looking for funding
  run `npm fund` for details

found 0 vulnerabilities

[FedeSobre]

Exactly the same issue here, 0 to 17 (12 low, 5 high).
Problems are with elliptic and ws.

elliptic  <=6.5.7
Elliptic's EDDSA missing signature length check - https://github.com/advisories/GHSA-f7q4-pwc6-w24p
Elliptic's ECDSA missing check for whether leading bit of r and s is zero - https://github.com/advisories/GHSA-977x-g7h5-7qgw
Elliptic allows BER-encoded signatures - https://github.com/advisories/GHSA-49q7-c7j4-3p7m
Elliptic's verify function omits uniqueness validation - https://github.com/advisories/GHSA-434g-2637-qmqr
Valid ECDSA signatures erroneously rejected in Elliptic - https://github.com/advisories/GHSA-fc9h-whq2-v747
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/elliptic
  @ethersproject/signing-key  <=5.7.0
  Depends on vulnerable versions of elliptic
  node_modules/@ethersproject/signing-key
    @ethersproject/hdnode  *
    Depends on vulnerable versions of @ethersproject/abstract-signer
    Depends on vulnerable versions of @ethersproject/signing-key
    Depends on vulnerable versions of @ethersproject/transactions
    Depends on vulnerable versions of @ethersproject/wordlists
    node_modules/@ethersproject/hdnode
      @ethersproject/json-wallets  *
      Depends on vulnerable versions of @ethersproject/abstract-signer
      Depends on vulnerable versions of @ethersproject/hdnode
      Depends on vulnerable versions of @ethersproject/transactions
      node_modules/@ethersproject/json-wallets
    @ethersproject/transactions  <=5.7.0
    Depends on vulnerable versions of @ethersproject/signing-key
    node_modules/@ethersproject/transactions
      @ethersproject/abstract-provider  *
      Depends on vulnerable versions of @ethersproject/transactions
      node_modules/@ethersproject/abstract-provider
        @ethersproject/abstract-signer  *
        Depends on vulnerable versions of @ethersproject/abstract-provider
        node_modules/@ethersproject/abstract-signer
          @ethersproject/hash  5.0.6 - 5.7.0
          Depends on vulnerable versions of @ethersproject/abstract-signer
          node_modules/@ethersproject/hash
            @ethersproject/abi  5.0.10 - 5.7.0
            Depends on vulnerable versions of @ethersproject/hash
            node_modules/@ethersproject/abi
              @ethersproject/contracts  *
              Depends on vulnerable versions of @ethersproject/abi
              Depends on vulnerable versions of @ethersproject/abstract-provider
              Depends on vulnerable versions of @ethersproject/abstract-signer
              Depends on vulnerable versions of @ethersproject/transactions
              node_modules/@ethersproject/contracts
            @ethersproject/providers  <=5.7.2
            Depends on vulnerable versions of @ethersproject/abstract-provider
            Depends on vulnerable versions of @ethersproject/abstract-signer
            Depends on vulnerable versions of @ethersproject/hash
            Depends on vulnerable versions of @ethersproject/transactions
            Depends on vulnerable versions of ws
            node_modules/@ethersproject/providers
              @irys/sdk  *
              Depends on vulnerable versions of @ethersproject/contracts
              Depends on vulnerable versions of @ethersproject/providers
              Depends on vulnerable versions of @ethersproject/wallet
              Depends on vulnerable versions of arbundles
              node_modules/@irys/sdk
                helius-sdk  >=1.0.16
                Depends on vulnerable versions of @irys/sdk
                node_modules/helius-sdk
              arbundles  >=0.9.3
              Depends on vulnerable versions of @ethersproject/hash
              Depends on vulnerable versions of @ethersproject/providers
              Depends on vulnerable versions of @ethersproject/signing-key
              Depends on vulnerable versions of @ethersproject/transactions
              Depends on vulnerable versions of @ethersproject/wallet
              node_modules/arbundles
            @ethersproject/wallet  <=5.7.0
            Depends on vulnerable versions of @ethersproject/abstract-provider
            Depends on vulnerable versions of @ethersproject/abstract-signer
            Depends on vulnerable versions of @ethersproject/hash
            Depends on vulnerable versions of @ethersproject/hdnode
            Depends on vulnerable versions of @ethersproject/json-wallets
            Depends on vulnerable versions of @ethersproject/signing-key
            Depends on vulnerable versions of @ethersproject/transactions
            Depends on vulnerable versions of @ethersproject/wordlists
            node_modules/@ethersproject/wallet
            @ethersproject/wordlists  5.0.8 - 5.7.0
            Depends on vulnerable versions of @ethersproject/hash
            node_modules/@ethersproject/wordlists

ws  7.0.0 - 7.5.9
Severity: high
ws affected by a DoS when handling a request with many HTTP headers - https://github.com/advisories/GHSA-3h5v-q93c-6h6q
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/@ethersproject/providers/node_modules/ws