
Child library nth-check is vulnerable to CVE-2021-3803 even with the latest [email protected]

Open SunitaIBM opened this issue 3 years ago • 0 comments

There is a dependent library, nth-check, in react-scripts which is vulnerable to CVE-2021-3803. The Mend scan is reporting this vulnerability for our project.

-- [email protected]
+-- @svgr/[email protected]
| -- @svgr/[email protected]
| -- [email protected]
| -- [email protected]
| -- [email protected]

nth-check v2.0.1 and later is available and safe from this vulnerability.

To fix this, we have upgraded to the latest version of react-scripts (as shown above), but this dependency is still not upgraded. Can you please take some action and upgrade this transitive dependency inside the parent library react-scripts at the earliest possible?

SunitaIBM, Oct 14 '22 13:10
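
A lockfile check for the situation reported above, as an added example that is not part of the original issue or of create-react-app: it walks the `packages` map of an npm `package-lock.json` (lockfileVersion 2 or 3), flags installed copies of nth-check older than 2.0.1, and lists which installed packages resolve to each copy. The sample lockfile, the `example-*` package names and every version number in it are constructed for illustration.

```javascript
// Added example: audit an npm lockfile for old copies of a transitive dependency.
const FIXED = "2.0.1"; // first safe nth-check version, as stated in the issue
// Constructed sample lockfile: the example-* names and all versions are made up.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { dependencies: { "react-scripts": "^9.9.9" } },
    "node_modules/react-scripts": { version: "9.9.9",
      dependencies: { "example-svg-tool": "^1.0.0", "nth-check": "^2.0.1" } },
    "node_modules/nth-check": { version: "2.0.1" },
    "node_modules/example-svg-tool": { version: "1.0.0", dependencies: { "example-selector": "^1.0.0" } },
    "node_modules/example-selector": { version: "1.0.0", dependencies: { "nth-check": "^1.0.0" } },
    "node_modules/example-selector/node_modules/nth-check": { version: "1.0.0" },
  },
};

// Compare plain x.y.z versions numerically (pre-release tags are ignored).
function lessThan(a, b) {
  const pa = a.split("-")[0].split(".").map(Number);
  const pb = b.split("-")[0].split(".").map(Number);
  for (let i = 0; i < 3; i++) if (pa[i] !== pb[i]) return (pa[i] || 0) < (pb[i] || 0);
  return false;
}

// Node-style resolution: try the requirer's own node_modules, then walk upward.
function resolve(packages, fromPath, name) {
  for (let base = fromPath; ; ) {
    const candidate = (base ? base + "/" : "") + "node_modules/" + name;
    if (packages[candidate]) return candidate;
    if (!base) return null;
    const cut = base.lastIndexOf("/node_modules/");
    base = cut === -1 ? "" : base.slice(0, cut);
  }
}

// Return every installed copy of `name` older than `fixed`, with its requirers.
function findVulnerable(lock, name, fixed) {
  const packages = lock.packages || {};
  const entries = Object.entries(packages);
  return entries
    .filter(([path, meta]) => path.endsWith("node_modules/" + name) &&
      meta.version && lessThan(meta.version, fixed))
    .map(([path, meta]) => ({ path, version: meta.version,
      requiredBy: entries
        .filter(([p, m]) => name in { ...m.dependencies, ...m.optionalDependencies } &&
          resolve(packages, p, name) === path)
        .map(([p]) => p || "(root project)") }));
}
console.log(JSON.stringify(findVulnerable(sampleLock, "nth-check", FIXED), null, 2));
```

Against a real project, pass the parsed contents of `package-lock.json` in place of `sampleLock`; an empty result means no installed copy is older than the fixed version.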