method-override ReDoS when untrusted user input passed into X-HTTP-Method-Override header

Affected versions of method-override are vulnerable to a regular expression denial of service vulnerability when untrusted user input is passed into the X-HTTP-Method-Override header.

Recommendation

Update to version 2.3.10 or later