diff --git a/app/package-lock.json b/app/package-lock.json
index 6ea5b83..e57fd0c 100644
--- a/app/package-lock.json
+++ b/app/package-lock.json
@@ -783,11 +783,18 @@
       "dev": true
     },
     "async": {
-      "version": "2.6.0",
-      "resolved": "https://registry.npmjs.org/async/-/async-2.6.0.tgz",
-      "integrity": "sha1-YaKau2/MAm/qd+VtHG7FOnlZUfQ=",
+      "version": "2.6.4",
+      "resolved": "https://registry.npmjs.org/async/-/async-2.6.4.tgz",
+      "integrity": "sha512-mzo5dfJYwAn29PeiJ0zvwTo04zj8HDJj0Mn8TD7sno7q12prdbnasKJHhkm2c1LgrhlJ0teaea8860oxi51mGA==",
       "requires": {
-        "lodash": "^4.14.0"
+        "lodash": "^4.17.14"
+      },
+      "dependencies": {
+        "lodash": {
+          "version": "4.17.21",
+          "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
+          "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg=="
+        }
       }
     },
     "async-each": {
@@ -10838,7 +10845,7 @@
       "dependencies": {
         "minimist": {
           "version": "1.2.0",
-          "resolved": "http://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz",
+          "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz",
           "integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ="
         }
       }
diff --git a/app/package.json b/app/package.json
index e19fc47..1be1146 100644
--- a/app/package.json
+++ b/app/package.json
@@ -38,7 +38,7 @@
       "@types/passport-jwt": "^3.0.1",
       "@types/web-push": "^3.3.0",
       "apidoc": "^0.17.7",
-      "async": "^2.6.0",
+      "async": "^2.6.4",
       "bcrypt-nodejs": "^0.0.3",
       "bluebird": "^3.5.1",
       "body-parser": "^1.18.2",