https://github.com/advisories/GHSA-rp65-9cf3-cjxr

[todbapi]

`# npm audit report

nth-check <2.0.1 Severity: moderate Inefficient Regular Expression Complexity in nth-check - https://github.com/advisories/GHSA-rp65-9cf3-cjxr fix available via npm audit fix --force Will install @nestjs-modules/[email protected], which is a breaking change node_modules/nth-check css-select <=3.1.0 Depends on vulnerable versions of nth-check node_modules/css-select cheerio 0.19.0 - 1.0.0-rc.3 Depends on vulnerable versions of css-select node_modules/cheerio inline-css >=1.0.5 Depends on vulnerable versions of cheerio Depends on vulnerable versions of extract-css node_modules/inline-css @nestjs-modules/mailer >=1.3.18 Depends on vulnerable versions of inline-css node_modules/@nestjs-modules/mailer list-stylesheets >=1.0.2 Depends on vulnerable versions of cheerio node_modules/list-stylesheets style-data >=1.0.3 Depends on vulnerable versions of cheerio node_modules/style-data extract-css >=1.0.2 Depends on vulnerable versions of style-data node_modules/extract-css

8 moderate severity vulnerabilities`

I can't fix it by npm audit fix

[todbapi]

CVE-2021-3803

[LaurensUP]

Cheerio should be bumped to at least 1.0.0-rc.11

cheerio 1.0.0-rc.10 still introduces the vulnerability through nth-check <2.0.1 ← css-select 4.1.3 ← cheerio-select 1.5.0 ← cheerio 1.0.0-rc.10

Mind that rc.10 -> rc.11 has breaking changes