Affected versions of negotiator
are vulnerable to regular expression denial of service attacks, which trigger upon parsing a specially crafted Accept-Language
header value.
Update to version 0.6.1 or later.
CPE | Name | Operator | Version |
---|---|---|---|
negotiator | le | 0.6.0 |