Lucene search
GoogleOSV:GHSA-78CJ-FXPH-M83PHistoryMay 06, 2021 - 4:11 p.m.
Regular Expression Denial of Service (ReDoS) in ua-parser-js
2021-05-0616:11:13
Google
osv.dev
33
0.002 Low
EPSS
Percentile
64.6%
ua-parser-js >= 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ua-parser-js | ge | 0.7.14 | |
| ua-parser-js | lt | 0.7.24 |
Related
ubuntucve
ubuntucve
CVE-2021-27292
2021-03-17 00:00:00
osv
osv
CVE-2021-27292
2021-03-17 13:15:15
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2021-03-18 04:30:21
github
github
Regular Expression Denial of Service (ReDoS) in ua-parser-js
2021-05-06 16:11:13
nodejs
nodejs
Regular Expression Denial of Service
2021-05-06 16:15:15
nvd
nvd
CVE-2021-27292
2021-03-17 13:15:15
prion
prion
Design/Logic Flaw
2021-03-17 13:15:00
redhatcve
redhatcve
CVE-2021-27292
2022-05-07 14:19:14
cve
cve
CVE-2021-27292
2021-03-17 13:15:15
cvelist
cvelist
CVE-2021-27292
2021-03-17 12:34:48
debiancve
debiancve
CVE-2021-27292
2021-03-17 13:15:15
redhat
redhat
ibm
ibm
kitploit
kitploit
nessus
nessus
Splunk Enterprise < 8.1.14, 8.2.0 < 8.2.11, 9.0.0 < 9.0.5 (SVD-2023-0613)
2024-05-02 00:00:00