TryGhost / migrate

MIT License

Regular Expression Denial of Service (ReDoS) vulnerability in nth-check #1031

Open camgrimsec opened 5 months ago

camgrimsec commented 5 months ago

Introduction: This issue highlights a vulnerability in the nth-check package, specifically related to Regular Expression Denial of Service (ReDoS). This vulnerability is identified with a CVSS score of 7.5 (High Severity) by both Snyk and NVD.

Details: The vulnerability is introduced through @tryghost/kg-default-cards@10.0.2 and affects versions of nth-check prior to 2.0.1.

Exploit Maturity: The exploit maturity is identified as Proof of Concept.

Detailed Paths:

Introduced through: @tryghost/mg-blogger@0.1.13 › @tryghost/kg-default-cards@10.0.2 › @tryghost/url-utils@4.4.7 › cheerio@0.22.0 › css-select@1.2.0 › nth-check@1.0.2

Security Information:

Snyk: CVSS 7.5 - High Severity
NVD: CVSS 7.5 - High Severity

Overview: nth-check is a library used for parsing CSS nth-child expressions.

Vulnerability Description: Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) when parsing crafted invalid CSS nth-checks. This vulnerability is due to the sub-pattern `\s(?:([+-]?)\s(\d+))?` in `RE_NTH_ELEMENT` with quantified overlapping adjacency. An attacker can exploit this by providing a specially crafted input, leading to excessive backtracking during regex processing, which may result in a denial of service condition.

Remediation: Upgrade to version 2.0.1 or later of nth-check to fix this vulnerability. Unfortunately, there is no remediation path available for previous versions.

Proposed Changes: Update the dependency on nth-check to version 2.0.1 or later in the package.json file.

Testing: After updating the dependency, ensure that all existing functionality continues to work as expected. Perform thorough testing to verify that the vulnerability has been mitigated.
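As an added example that is not part of this issue or of the TryGhost/migrate repository, the following Node script audits an npm lockfile (`lockfileVersion` 2 or 3, `packages` map) for every copy of nth-check below the fixed release 2.0.1 and prints the dependency chain for each, in the same `a › b › c` form the issue uses. The lockfile fragment inside it is constructed to mirror the path reported above; the version comparator is a deliberately minimal major.minor.patch compare (prerelease suffixes dropped), not the `semver` package.

```javascript
// Added example, not code from TryGhost/migrate. Audits a lockfile "packages"
// map for nth-check entries older than the fixed version named in the issue.

const VULNERABLE_PACKAGE = 'nth-check';
const FIXED_VERSION = '2.0.1';

// Constructed lockfile fragment (not a real lockfile from the repository).
// The nested second copy shows that only some instances may need attention.
const SAMPLE_LOCKFILE = {
  name: 'sample-project',
  lockfileVersion: 2,
  packages: {
    '': { name: 'sample-project' },
    'node_modules/@tryghost/mg-blogger': { version: '0.1.13' },
    'node_modules/@tryghost/kg-default-cards': { version: '10.0.2' },
    'node_modules/cheerio': { version: '0.22.0' },
    'node_modules/css-select': { version: '1.2.0' },
    'node_modules/nth-check': { version: '1.0.2' },
    'node_modules/css-what/node_modules/nth-check': { version: '2.1.1' },
  },
};

// Parse "MAJOR.MINOR.PATCH" into numbers; any "-prerelease" or "+build"
// suffix is dropped, which is enough for a fixed-version comparison.
function parseVersion(v) {
  const core = v.split(/[-+]/)[0];
  const parts = core.split('.').map(Number);
  if (parts.length !== 3 || parts.some(Number.isNaN)) {
    throw new Error(`unparseable version: ${v}`);
  }
  return parts;
}

// Comparator: -1 if a < b, 0 if equal, 1 if a > b.
function compareVersions(a, b) {
  const pa = parseVersion(a);
  const pb = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

// "node_modules/@scope/a/node_modules/b" -> ["@scope/a", "b"].
// Splitting on "/node_modules/" keeps scoped names (which contain "/") intact.
function dependencyChain(lockPath) {
  return lockPath.replace(/^node_modules\//, '').split('/node_modules/');
}

// Return one finding per installed copy of pkgName, flagged when its version
// is below the fixed release.
function findVulnerable(lockfile, pkgName = VULNERABLE_PACKAGE, fixed = FIXED_VERSION) {
  const findings = [];
  for (const [lockPath, entry] of Object.entries(lockfile.packages || {})) {
    if (lockPath === '') continue; // root project entry
    const chain = dependencyChain(lockPath);
    if (chain[chain.length - 1] !== pkgName) continue;
    findings.push({
      path: lockPath,
      chain: chain.join(' › '),
      version: entry.version,
      vulnerable: compareVersions(entry.version, fixed) < 0,
    });
  }
  return findings;
}

// Human-readable report lines, one per finding.
function report(lockfile) {
  return findVulnerable(lockfile).map(
    (f) => `${f.vulnerable ? 'VULNERABLE' : 'ok'}\t${f.chain} @ ${f.version}`
  );
}

// Run stand-alone under CommonJS: `node audit-nth-check.js`
if (typeof require !== 'undefined' && require.main === module) {
  for (const line of report(SAMPLE_LOCKFILE)) console.log(line);
}
```

To run it against a real project, replace `SAMPLE_LOCKFILE` with `JSON.parse(fs.readFileSync('package-lock.json'))`; a lockfile with no `packages` map (lockfileVersion 1) uses a nested `dependencies` tree instead and is not handled by this script.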