CVE-2021-23490.md

CVE-2021-23490

Description

The package parse-link-header before 2.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the checkHeader function.

POC

Reference

• https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2321973
• https://snyk.io/vuln/SNYK-JS-PARSELINKHEADER-1582783

Github

No PoCs found on GitHub currently.