Description
The no-case module is vulnerable to regular expression denial of service. When malicious untrusted user input is passed into no-case it can block the event loop causing a denial of service condition.
Remediation
References
https://nodesecurity.io/advisories/529
https://github.com/blakeembrey/no-case/issues/17
Related Vulnerabilities
CVE-2022-36918 Vulnerability in maven package org.jenkins-ci.plugins:buckminster
CVE-2022-24839 Vulnerability in maven package net.sourceforge.nekohtml:nekohtml
CVE-2022-36437 Vulnerability in maven package com.hazelcast.jet:hazelcast-jet
CVE-2020-7688 Vulnerability in npm package mversion
CVE-2019-12409 Vulnerability in maven package org.apache.solr:solr-core