Description
The content module is a module to parse HTTP Content-* headers. It is used by the hapijs framework to provide this functionality. The module is vulnerable to regular expression denial of service when passed a specifically crafted Content-Type or Content-Disposition header.
Remediation
References
https://nodesecurity.io/advisories/530
Related Vulnerabilities
CVE-2016-10542 Vulnerability in maven package org.webjars.npm:ws
CVE-2022-23640 Vulnerability in maven package com.monitorjbl:xlsx-streamer
CVE-2018-8041 Vulnerability in maven package org.apache.camel:camel-mail
CVE-2019-1003036 Vulnerability in maven package org.jenkins-ci.plugins:azure-vm-agents
CVE-2021-39157 Vulnerability in npm package detect-character-encoding