Description
The package parse-link-header before 2.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the checkHeader function.
Remediation
References
https://github.com/thlorenz/parse-link-header/commit/72f05c717b3f129c5331a07bf300ed8886eb8ae1
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2321973
https://snyk.io/vuln/SNYK-JS-PARSELINKHEADER-1582783
Related Vulnerabilities
CVE-2019-14863 Vulnerability in maven package org.webjars.bower:angular
CVE-2022-0839 Vulnerability in maven package org.liquibase:liquibase-core
CVE-2021-21353 Vulnerability in npm package pug
CVE-2022-41253 Vulnerability in maven package org.jenkins-ci.plugins:cons3rt
CVE-2020-7778 Vulnerability in npm package systeminformation