Description
All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.
Remediation
References
https://github.com/stevemao/trim-off-newlines/blob/master/index.js%23L6
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1567197
https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850
Related Vulnerabilities
CVE-2019-3773 Vulnerability in maven package org.springframework.ws:spring-xml
CVE-2023-34189 Vulnerability in maven package org.apache.inlong:manager-web
CVE-2022-24717 Vulnerability in npm package @finastra/ssr-pages
CVE-2019-15955 Vulnerability in npm package total.js
CVE-2019-5748 Vulnerability in maven package org.traccar:traccar