Could someone help me with this React Vulnerability regarding nth-check?

Question

I created a new react project, and upon creating it saw 6 high security vulnerabilities. I tried npm audit fix but it didn't work. The audit report showed this:

# npm audit report

nth-check  <2.0.1
Severity: high
Inefficient Regular Expression Complexity in nth-check - https://github.com/advisories/GHSA-rp65-9cf3-cjxr
fix available via `npm audit fix --force`
Will install react-scripts@2.1.3, which is a breaking change
node_modules/svgo/node_modules/nth-check
  css-select  <=3.1.0
  Depends on vulnerable versions of nth-check
  node_modules/svgo/node_modules/css-select
    svgo  1.0.0 - 1.3.2
    Depends on vulnerable versions of css-select        
    node_modules/svgo
      @svgr/plugin-svgo  <=5.5.0
      Depends on vulnerable versions of svgo
      node_modules/@svgr/plugin-svgo
        @svgr/webpack  4.0.0 - 5.5.0
        Depends on vulnerable versions of @svgr/plugin-svgo
        node_modules/@svgr/webpack
          react-scripts  >=2.1.4
          Depends on vulnerable versions of @svgr/webpack
          node_modules/react-scripts

6 high severity vulnerabilities

I tried updating nth-check to a patched version, but to no avail.

Have you already tried running `npm audit fix` ? It will try to automatically install a compatible version that has the fix for the vulnerability. It works most of the time. — leonard.javiniar, Apr 05 '23 at 18:34
If the current version still has this problem, clone the repository, fix the problem and create a pull request. — jabaa, Apr 05 '23 at 18:50

Could someone help me with this React Vulnerability regarding nth-check?

0 Answers0