Описание
Regular Expression Denial of Service in forwarded
Affected versions of forwarded are vulnerable to regular expression denial of service when parsing specially crafted user input.
Recommendation
Update to version 0.1.2 or later
Пакеты
forwarded
< 0.1.2
0.1.2
Связанные уязвимости
The forwarded module is used by the Express.js framework to handle the X-Forwarded-For header. It is vulnerable to a regular expression denial of service when it's passed specially crafted input to parse. This causes the event loop to be blocked causing a denial of service condition.
The forwarded module is used by the Express.js framework to handle the X-Forwarded-For header. It is vulnerable to a regular expression denial of service when it's passed specially crafted input to parse. This causes the event loop to be blocked causing a denial of service condition.