All versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing.