Affected versions of negotiator
are vulnerable to regular expression denial of service attacks, which trigger upon parsing a specially crafted Accept-Language
header value.
Update to version 0.6.1 or later.
CPE | Name | Operator | Version |
---|---|---|---|
negotiator | lt | 0.6.1 |