CVE-2021-23490

Inefficient Regular Expression Complexity in npm/parse-link-header

Identifiers

CVE-2021-23490

Package Slug

npm/parse-link-header

Vulnerability

Inefficient Regular Expression Complexity

Description

The package parse-link-header is vulnerable to Regular Expression Denial of Service (ReDoS) via the checkHeader function.

Affected Versions

All versions before 2.0.0

Solution

Upgrade to version 2.0.0 or above.

Last Modified

2022-01-07

source