Depends on vulnerable versions of three

npm audit gives below error

three  <0.125.0
Severity: high
Regular Expression Denial of Service - https://npmjs.com/advisories/1639
No fix available
node_modules/three
  videojs-vr  *
  Depends on vulnerable versions of three
  node_modules/videojs-vr

version installed  "videojs-vr": "^1.8.0",