ua-parser-js Project ua-parser-js 0.7.20 for Node.js

CPE Details

ua-parser-js Project ua-parser-js 0.7.20 for Node.js
ua-parser-js_project
ua-parser-js
0.7.20
2020-09-18
13h45 +00:00
2020-09-18
13h45 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:ua-parser-js_project:ua-parser-js:0.7.20:*:*:*:*:node.js:*:*

Informations

Vendor

ua-parser-js_project

Product

ua-parser-js

Version

0.7.20

Target Software

node.js

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-27292 2021-03-17 11h34 +00:00 ua-parser-js >= 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time.
7.5
Haute
CVE-2020-7793 2020-12-11 13h25 +00:00 The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).
7.5
Haute
CVE-2020-7733 2020-09-16 14h10 +00:00 The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex for Redmi Phones and Mi Pad Tablets UA.
7.5
Haute