@actions/cache v4.0.5 dep with CVE vuln #2116
Description
Describe the bug
@actions/cache v4.0.5 depends on "@azure/ms-rest-js": "^2.6.0" . Even the latest version '2.7.0' use "form-data": "^2.5.3" with a new vulnerability https://avd.aquasec.com/nvd/2025/cve-2025-7783/ which was fixed in 'form-data: 2.5.4'
└─┬ @actions/[email protected]
└─┬ @azure/[email protected]
└── [email protected]