parse-link-header is vulnerable to regular expression denial of service. The usage of an insecure ‘checkHeader’ function allows an attacker to cause a denial of service condition via a malicious URL string.
CPE | Name | Operator | Version |
---|---|---|---|
parse-link-header | le | 1.0.1 | |
parse-link-header | le | 1.0.1 |