Security Alerts

How to resolve the below problems

Known moderate severity security vulnerability detected in braces < 2.3.1 defined in package-lock.json .
package-lock.json update suggested: braces ~> 2.3.1 .

Where are these coming from?