ua-parser-js Project ua-parser-js 0.7.15 for Node.js

CPE Details

ua-parser-js Project ua-parser-js 0.7.15 for Node.js
ua-parser-js_project
ua-parser-js
0.7.15
2020-09-18
13h45 +00:00
2020-09-18
13h45 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ua-parser-js_project:ua-parser-js:0.7.15:*:*:*:*:node.js:*:*

Informations

Vendor

ua-parser-js_project

Product

ua-parser-js

Version

0.7.15

Target Software

node.js

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-27292 2021-03-17 11h34 +00:00 ua-parser-js >= 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time.
7.5
High
CVE-2020-7793 2020-12-11 13h25 +00:00 The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).
7.5
High
CVE-2020-7733 2020-09-16 14h10 +00:00 The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex for Redmi Phones and Mi Pad Tablets UA.
7.5
High