Installing latest web3 version 1.3.5 on Ubuntu with npm version 7.12.0 fails with a couple of high severity errors. What is typical time-frame for a fix?

npm audit report

underscore 1.3.2 - 1.12.0
Severity: high
Arbitrary Code Execution - https://npmjs.com/advisories/1674\ No fix available
node_modules/underscore
..web3-bzz <=1.3.5
..Depends on vulnerable versions of underscore
..node_modules/web3-bzz
....web3 *
....Depends on vulnerable versions of web3-bzz
....Depends on vulnerable versions of web3-eth
....node_modules/web3
..web3-core-helpers *
..Depends on vulnerable versions of underscore
..node_modules/web3-core-helpers
....web3-eth-ens *
....Depends on vulnerable versions of underscore
....Depends on vulnerable versions of web3-core-helpers
....node_modules/web3-eth-ens
......web3-eth *
......Depends on vulnerable versions of underscore
......Depends on vulnerable versions of web3-eth-ens
......node_modules/web3-eth
....web3-providers-http *
....Depends on vulnerable versions of web3-core-helpers
....node_modules/web3-providers-http
..web3-core-method *
..Depends on vulnerable versions of underscore
..node_modules/web3-core-method
....web3-core *
....Depends on vulnerable versions of web3-core-method
....node_modules/web3-core
....web3-eth-personal *
....Depends on vulnerable versions of web3-core-method
....Depends on vulnerable versions of web3-net
....node_modules/web3-eth-personal
....web3-net <=1.0.0-beta.55 || >=1.2.0
....Depends on vulnerable versions of web3-core-method
....node_modules/web3-net
......web3-shh <=1.3.5
......Depends on vulnerable versions of web3-core-method
......Depends on vulnerable versions of web3-net
......node_modules/web3-shh
..web3-core-requestmanager *
..Depends on vulnerable versions of underscore
..node_modules/web3-core-requestmanager
..web3-core-subscriptions *
..Depends on vulnerable versions of underscore
..node_modules/web3-core-subscriptions
..web3-eth-abi *
..Depends on vulnerable versions of underscore
..node_modules/web3-eth-abi
..web3-eth-accounts *
..Depends on vulnerable versions of underscore
..node_modules/web3-eth-accounts
..web3-eth-contract *
..Depends on vulnerable versions of underscore
..node_modules/web3-eth-contract
..web3-providers-ipc *
..Depends on vulnerable versions of underscore
..node_modules/web3-providers-ipc
..web3-providers-ws *
..Depends on vulnerable versions of underscore
..node_modules/web3-providers-ws
..web3-utils >=1.0.0-beta.8
..Depends on vulnerable versions of underscore
..node_modules/web3-utils
....web3-eth-iban *
....Depends on vulnerable versions of web3-utils
....node_modules/web3-eth-iban

web3 *
Severity: high
Insecure Credential Storage - https://npmjs.com/advisories/877\ Depends on vulnerable versions of web3-bzz
Depends on vulnerable versions of web3-eth
No fix available
node_modules/web3

21 high severity vulnerabilities\