textract icon indicating copy to clipboard operation
textract copied to clipboard

Published 20 hours ago verified publisher icon dbashford

CVE-2021-3803

Open prafullkulkarni opened this issue 3 years ago • 1 comments

Hi @dbashford

A vulnerability has been reported on - cheerio-1.0.0-rc.2.tgz -> css-select-1.2.0.tgz -> nth-check-1.0.2.tgz

nth-check is vulnerable to Inefficient Regular Expression Complexity

https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-3803

prafullkulkarni avatar Oct 18 '21 10:10 prafullkulkarni

Hey @prafullkulkarni,

We're part of a startup called Seal Security that mitigates software vulnerabilities in older open source versions by backporting/creating standalone security patches - enabling more straightforward remediation in cases like this. We created an nth-check 1.02-sp1 that's vulnerability-free. As with all of our patches, it's open-source and available for free.

If relevant, check out our GitHub repo if you wish to learn more, or start using our app.

Please feel free to reach us at [email protected] if you have any requests/questions.

AlonNavon avatar Aug 01 '23 11:08 AlonNavon