How to fix the vulnerabilities in npm if I cannot upgrade the major version of dependency?

I have a high risk vulnerability from npm audit --production. This is dependency of snowflake-sdk. But I checked snowflake github it has "requestretry": "^6.0.0" in the package.json which mean it doesn’t support requestretry 7.0.0. Is there any other way to fix this vulnerability? What if I upgrade requestretry to 7.0.0?