3 matches found
@abi-software/flatmap-viewer (>=1.0.2 <=2.1.0-beta.1), @abi-software/flatmapvuer (>=0.1.0 <=0.1.33-beta-1) +854 more potentially affected by CVE-2021-23490 via parse-link-header (>=0.1.0 <=1.0.1)
parse-link-header NPM version =0.1.0, =1.0.2, =0.1.0, =1.1.0, =2.0.0, =0.1.0, =0.1.0, =1.5.1, =1.1.0, =1.1.0, =0.1.0, =1.5.1, =0.2.0, =1.5.1, =2.0.0-alpha.1, =2.0.0-alpha.11 and more Source cves: CVE-2021-23490 Source advisory: OSV:GHSA-Q674-XM3X-2926...
CVE-2021-23490
The package parse-link-header before 2.0.0 are vulnerable to Regular Expression Denial of Service ReDoS via the checkHeader function...
CVE-2021-23490
CVE-2021-23490 affects the npm package parse-link-header . The issue is a Regular Expression Denial of Service (ReDoS) triggered by the checkHeader function in versions prior to 2.0.0 . Reported impact is CPU exhaustion that can degrade service or cause a denial of service. Remediation : upgrade ...