Useragent is used to parse useragent headers. It uses several regular expressions to accomplish this. An attacker could edit their own headers, creating an arbitrarily long useragent string, causing the event loop and server to block. This affects Useragent 2.1.12 and earlier.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: hackerone
Published: 2018-06-04T19:00:00Z
Updated: 2024-09-17T00:41:28.696Z
Reserved: 2017-10-29T00:00:00
Link: CVE-2017-16030
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-06-04T19:29:01.677
Modified: 2024-11-21T03:15:41.650
Link: CVE-2017-16030
Redhat