Description
The content module is a module to parse HTTP Content-* headers. It is used by the hapijs framework to provide this functionality. The module is vulnerable to regular expression denial of service when passed a specifically crafted Content-Type or Content-Disposition header.
Remediation
References
https://nodesecurity.io/advisories/530
Related Vulnerabilities
CVE-2019-16776 Vulnerability in maven package org.webjars.npm:npm
CVE-2020-2264 Vulnerability in maven package org.jenkins-ci.plugins:custom-job-icon
CVE-2021-21277 Vulnerability in maven package org.webjars.npm:angular-expressions
CVE-2016-10642 Vulnerability in npm package cmake
CVE-2021-39231 Vulnerability in maven package org.apache.ozone:ozone-main