0.001 Low
EPSS
Percentile
43.3%
normalize-url is vulnerable to regular expression denial of service. The usage of an insecure regex allows an attacker to cause a denial of service condition via a malicious URL string.
github.com/sindresorhus/normalize-url/releases/tag/v6.0.1
security.netapp.com/advisory/ntap-20210706-0001/