Description
The content module is a module to parse HTTP Content-* headers. It is used by the hapijs framework to provide this functionality. The module is vulnerable to regular expression denial of service when passed a specifically crafted Content-Type or Content-Disposition header.
Remediation
References
https://nodesecurity.io/advisories/530
Related Vulnerabilities
CVE-2016-3086 Vulnerability in maven package org.apache.hadoop:hadoop-common
CVE-2019-20444 Vulnerability in maven package io.netty:netty-all
CVE-2015-3250 Vulnerability in maven package org.apache.directory.api:api-ldap-client-all
CVE-2017-5643 Vulnerability in maven package org.apache.camel:camel-core
CVE-2019-16942 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind