Filtered by vendor Ua-parser-js Project
Subscriptions
Filtered by product Ua-parser-js
Subscriptions
Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-7733 | 3 Oracle, Redhat, Ua-parser-js Project | 3 Communications Cloud Native Core Network Function Cloud Native Environment, Rhev Manager, Ua-parser-js | 2024-09-17 | 7.5 High |
The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex for Redmi Phones and Mi Pad Tablets UA. | ||||
CVE-2020-7793 | 2 Siemens, Ua-parser-js Project | 2 Sinec Ins, Ua-parser-js | 2024-09-16 | 7.5 High |
The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info). | ||||
CVE-2021-27292 | 2 Redhat, Ua-parser-js Project | 5 Acm, Jaeger, Logging and 2 more | 2024-08-03 | 7.5 High |
ua-parser-js >= 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time. | ||||
CVE-2021-4229 | 1 Ua-parser-js Project | 1 Ua-parser-js | 2024-08-03 | 5 Medium |
A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0.8.1 and 1.0.1 is able to address this issue. It is recommended to upgrade the affected component. | ||||
CVE-2022-25927 | 2 Redhat, Ua-parser-js Project | 2 Rhmt, Ua-parser-js | 2024-08-03 | 5.3 Medium |
Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service (ReDoS) via the trim() function. |
Page 1 of 1.