Vulnerability	Vulnerable Version
H Regular Expression Denial of Service (ReDoS) `method-override` is a module to override HTTP verbs. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS). It uses regex the following regex `/ , /` in order to split HTTP headers. An attacker may send specially crafted input in the `X-HTTP-Method-Override` header and cause a significant slowdown. How to fix Regular Expression Denial of Service (ReDoS)? Upgrade `method-override` to version 2.3.10 or higher.	>1.0.2 <2.3.10

Regular Expression Denial of Service (ReDoS)

method-override is a module to override HTTP verbs.

Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS). It uses regex the following regex / *, */ in order to split HTTP headers. An attacker may send specially crafted input in the X-HTTP-Method-Override header and cause a significant slowdown.

How to fix Regular Expression Denial of Service (ReDoS)?

Upgrade method-override to version 2.3.10 or higher.

>1.0.2 <2.3.10

Go back to all versions of this package