You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The vulnerability allows for a potential Denial of Service (DoS) attack by exploiting the regular expressions used in nth-check. Given the high severity, it poses a significant risk to systems relying on this dependency chain.
Additional Info
I had previously emailed your security email address and followed that up with your team's main email address with no acknowledgement for either of them. As this is a high security vulnerability, action towards migrating to updated cheerio (currently RC version) or patching the transitive dependency would be greatly appreciated.
The text was updated successfully, but these errors were encountered:
Vulnerability Details
Vulnerability Type: Regular Expression Denial of Service (ReDoS)
Severity: High
Vulnerable Package: [email protected]
Introduced By: [email protected] > [email protected] > [email protected]
Fixed In: [email protected]
More Info: Snyk Security Advisory
Impact
The vulnerability allows for a potential Denial of Service (DoS) attack by exploiting the regular expressions used in nth-check. Given the high severity, it poses a significant risk to systems relying on this dependency chain.
Additional Info
I had previously emailed your security email address and followed that up with your team's main email address with no acknowledgement for either of them. As this is a high security vulnerability, action towards migrating to updated cheerio (currently RC version) or patching the transitive dependency would be greatly appreciated.
The text was updated successfully, but these errors were encountered: