Sometimes you will be notified about security vulnerabilities in certain packages, through blogs or if you're using GitHub, you may notice warning like this on your repository:
This is a specific issue that arose when my Angular application was on version 5.0.0 and my CLI version was on 1.5.0. If you review this dependency, you can see the dependent packages and get more detail on the issue.
In this case, the vulnerable version of handlebars, 1.3.0 ...