diff --git a/package.json b/package.json
index 2c543fa1a..d55d86413 100644
--- a/package.json
+++ b/package.json
@@ -32,7 +32,7 @@
     "compression": "1.7.5",
     "connect-flash": "0.1.1",
     "connect-session-sequelize": "7.1.7",
-    "cookie": "0.7.2",
+    "cookie": "1.0.2",
     "cookie-parser": "1.4.7",
     "deep-freeze": "0.0.1",
     "diff-match-patch": "git+https://github.com/hackmdio/diff-match-patch.git#commit=59a9395ad9fe143e601e7ae5765ed943bdd2b11e",
diff --git a/yarn.lock b/yarn.lock
index 6d00045ff..62a014c86 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -1267,7 +1267,7 @@ __metadata:
     compression: "npm:1.7.5"
     connect-flash: "npm:0.1.1"
     connect-session-sequelize: "npm:7.1.7"
-    cookie: "npm:0.7.2"
+    cookie: "npm:1.0.2"
     cookie-parser: "npm:1.4.7"
     copy-webpack-plugin: "npm:6.4.1"
     css-loader: "npm:5.2.7"
@@ -4030,6 +4030,13 @@ __metadata:
   languageName: node
   linkType: hard
 
+"cookie@npm:1.0.2":
+  version: 1.0.2
+  resolution: "cookie@npm:1.0.2"
+  checksum: 10/f5817cdc84d8977761b12549eba29435e675e65c7fef172bc31737788cd8adc83796bf8abe6d950554e7987325ad2d9ac2971c5bd8ff0c4f81c145f82e4ab1be
+  languageName: node
+  linkType: hard
+
 "cookie@npm:~0.4.1":
   version: 0.4.2
   resolution: "cookie@npm:0.4.2"