Versions of the package cookiejar before 2.1.4 are vulnerable to Regular Expression Denial of Service (ReDoS) via the Cookie.parse function, which uses an insecure regular expression.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| cookiejar(npm) | 0 | 2.1.4 | N/A |
| org.webjars.npm:cookiejar(Maven) | 0 | N/A | N/A |
CVSS Metrics
