Lucene search
GoogleOSV:CVE-2020-5243HistoryFeb 21, 2020 - 12:15 a.m.
CVE-2020-5243
2020-02-2100:15:10
Google
osv.dev
4
EPSS
0.003
Percentile
69.0%
uap-core before 0.7.3 is vulnerable to a denial of service attack when processing crafted User-Agent strings. Some regexes are vulnerable to regular expression denial of service (REDoS) due to overlapping capture groups. This allows remote attackers to overload a server by setting the User-Agent header in an HTTP(S) request to maliciously crafted long strings. This has been patched in uap-core 0.7.3.
Related
veracode
veracode
Denial Of Service (DoS)
2020-02-21 03:24:07
Regular Expression Denial Of Service (ReDoS)
2020-03-11 01:28:44
cvelist
cvelist
debiancve
debiancve
CVE-2020-5243
2020-02-21 00:15:10
github
github
Denial of Service in uap-core when processing crafted User-Agent strings
2020-02-20 23:26:10
ubuntucve
ubuntucve
CVE-2020-5243
2020-02-21 00:00:00
prion
prion
Design/Logic Flaw
2020-02-21 00:15:00
osv
osv
Denial of Service in uap-core when processing crafted User-Agent strings
2020-02-20 23:26:10
nvd
nvd
CVE-2020-5243
2020-02-21 00:15:10
rubygems
rubygems
Denial of Service in uap-core when processing crafted User-Agent strings
2020-03-09 21:00:00
cve
cve
CVE-2020-5243
2020-02-21 00:15:10
kitploit
kitploit