Description
The content module is a module to parse HTTP Content-* headers. It is used by the hapijs framework to provide this functionality. The module is vulnerable to regular expression denial of service when passed a specifically crafted Content-Type or Content-Disposition header.
Remediation
References
https://nodesecurity.io/advisories/530
Related Vulnerabilities
CVE-2020-2242 Vulnerability in maven package org.jenkins-ci.plugins:database
CVE-2016-10664 Vulnerability in npm package mystem
CVE-2018-20677 Vulnerability in maven package org.webjars.bowergithub.twbs:bootstrap
CVE-2015-7294 Vulnerability in npm package ldapauth-fork
CVE-2021-21297 Vulnerability in npm package @node-red/runtime