Description
The package parse-link-header before 2.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the checkHeader function.
Remediation
References
https://github.com/thlorenz/parse-link-header/commit/72f05c717b3f129c5331a07bf300ed8886eb8ae1
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2321973
https://snyk.io/vuln/SNYK-JS-PARSELINKHEADER-1582783
Related Vulnerabilities
CVE-2023-34234 Vulnerability in npm package @openzeppelin/contracts-upgradeable
CVE-2021-23388 Vulnerability in npm package forms
CVE-2022-39299 Vulnerability in npm package node-saml
CVE-2021-32641 Vulnerability in npm package auth0-lock
CVE-2021-21252 Vulnerability in npm package jquery-validation