Description
All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.
Remediation
References
https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197
https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850
Related Vulnerabilities
CVE-2021-41165 Vulnerability in maven package org.webjars.bowergithub.ckeditor:ckeditor4
CVE-2018-1331 Vulnerability in maven package org.apache.storm:storm-core
CVE-2022-2932 Vulnerability in npm package mobiledoc-kit
CVE-2016-8609 Vulnerability in maven package org.keycloak:keycloak-core
CVE-2022-38900 Vulnerability in maven package org.webjars.npm:decode-uri-component