Description
All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.
Remediation
References
https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197
https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850
Related Vulnerabilities
CVE-2018-11758 Vulnerability in maven package org.apache.cayenne:cayenne-server
CVE-2017-16167 Vulnerability in npm package yyooopack
CVE-2019-10416 Vulnerability in maven package org.jenkins-ci.plugins:violation-comments-to-gitlab
CVE-2022-37257 Vulnerability in npm package steal
CVE-2023-47321 Vulnerability in maven package org.silverpeas.core:silverpeas-core-web