CVE-2021-33623

About vulnerability

The trim-newlines package before 3.0.1 and 4.x before 4.0.1 for Node.js has an issue related to regular expression denial-of-service (ReDoS) for the .end() method.

Affected product:

Acorn , Angular , Express , Next.js , Node.js , basic-auth-connect , commit-analyzer , connect , conventional-changelog , conventional-changelog-core , conventional-commits-parser , get-pkg-repo , git-raw-commits , hawk , https-proxy-agent , loader-utils , meow , ms , protractor , release-notes-generator , request , semantic-release , send , trim-newlines

Affected packages:

@angular/cli @ 1.7.4 (+45 more)

The trim-newlines package before 3.0.1 and 4.x before 4.0.1 for Node.js has an issue related to regular expression denial-of-service (ReDoS) for the .end() method.