Regular Expression Denial of Servicenegotiator
Affected versions of
negotiator are vulnerable to regular expression denial of service attacks, which trigger upon parsing a specially crafted
Accept-Language header value.
Update to version 0.6.1 or later.
Have content suggestions? Visit npmjs.com/support.
publishedAdvisory publishedJun 16th, 2016
reportedInitial report by Adam BaldwinMay 4th, 2016