diff --git a/package-lock.json b/package-lock.json
index 323f69d1a..140282a50 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -9193,9 +9193,9 @@
       "dev": true
     },
     "encodeurl": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz",
-      "integrity": "sha1-rT/0yG7C0CkyL1oCw6mmBslbP1k="
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-2.0.0.tgz",
+      "integrity": "sha512-Q0n9HRi4m6JuGIV1eFlmvJB7ZEVxu93IrMyiMsGC0lrMJMWzRgx6WGquyfQgZVb31vhGgXnfmPNNXmxnOkRBrg=="
     },
     "enquirer": {
       "version": "2.3.6",
diff --git a/package.json b/package.json
index 9f8d0a7ca..a8e3378e4 100644
--- a/package.json
+++ b/package.json
@@ -44,7 +44,7 @@
     "debug": "^4.3.2",
     "delegates": "^1.0.0",
     "destroy": "^1.0.4",
-    "encodeurl": "^1.0.2",
+    "encodeurl": "^2.0.0",
     "escape-html": "^1.0.3",
     "fresh": "~0.5.2",
     "http-assert": "^1.3.0",