Description
The content module is a module to parse HTTP Content-* headers. It is used by the hapijs framework to provide this functionality. The module is vulnerable to regular expression denial of service when passed a specifically crafted Content-Type or Content-Disposition header.
Remediation
References
https://nodesecurity.io/advisories/530
Related Vulnerabilities
CVE-2018-16330 Vulnerability in maven package org.webjars.bowergithub.pandao:editor.md
CVE-2021-29442 Vulnerability in maven package com.alibaba.nacos:nacos-common
CVE-2022-39288 Vulnerability in npm package fastify
CVE-2019-19771 Vulnerability in npm package bictoin-ops
CVE-2022-1291 Vulnerability in maven package org.webjars.bower:tableexport.jquery.plugin