High severity vulnerability that affects ua-parser

2018-07-24T19:46:37
ID GHSA-PMG9-P9R2-6Q87
Type github
Reporter GitHub Advisory Database
Modified 2019-07-03T21:02:02

Description

ua-parser is a port of Browserscope's user agent parser. ua-parser is vulnerable to a ReDoS (Regular Expression Denial of Service) attack when given a specially crafted UserAgent header. Consider using a different package such as useragent.