43 matches found
EUVD-2021-0561
Malware in sbrugna...
EUVD-2020-0301
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-21317
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - uap-core in an open-source npm package which contains the core of BrowserScope's original user agent string parser. In uap-core before version 0.11.0, some...
Linux Distros Unpatched Vulnerability : CVE-2020-5243
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - uap-core before 0.7.3 is vulnerable to a denial of service attack when processing crafted User-Agent strings. Some regexes are vulnerable to regular expression...
CVE-2021-21317
uap-core in an open-source npm package which contains the core of BrowserScope's original user agent string parser. In uap-core before version 0.11.0, some regexes are vulnerable to regular expression denial of service REDoS due to overlapping capture groups. This allows remote attackers to...
CVE-2020-5243
uap-core before 0.7.3 is vulnerable to a denial of service attack when processing crafted User-Agent strings. Some regexes are vulnerable to regular expression denial of service REDoS due to overlapping capture groups. This allows remote attackers to overload a server by setting the User-Agent...
CVE-2021-21317
uap-core in an open-source npm package which contains the core of BrowserScope's original user agent string parser. In uap-core before version 0.11.0, some regexes are vulnerable to regular expression denial of service REDoS due to overlapping capture groups. This allows remote attackers to...
CVE-2021-21317
uap-core in an open-source npm package which contains the core of BrowserScope's original user agent string parser. In uap-core before version 0.11.0, some regexes are vulnerable to regular expression denial of service REDoS due to overlapping capture groups. This allows remote attackers to...
Design/Logic Flaw
uap-core in an open-source npm package which contains the core of BrowserScope's original user agent string parser. In uap-core before version 0.11.0, some regexes are vulnerable to regular expression denial of service REDoS due to overlapping capture groups. This allows remote attackers to...
UBUNTU-CVE-2021-21317
uap-core in an open-source npm package which contains the core of BrowserScope's original user agent string parser. In uap-core before version 0.11.0, some regexes are vulnerable to regular expression denial of service REDoS due to overlapping capture groups. This allows remote attackers to...
CVE-2021-21317
uap-core in an open-source npm package which contains the core of BrowserScope's original user agent string parser. In uap-core before version 0.11.0, some regexes are vulnerable to regular expression denial of service REDoS due to overlapping capture groups. This allows remote attackers to...
CVE-2021-21317 Denial of Service in uap-core
uap-core in an open-source npm package which contains the core of BrowserScope's original user agent string parser. In uap-core before version 0.11.0, some regexes are vulnerable to regular expression denial of service REDoS due to overlapping capture groups. This allows remote attackers to...
CVE-2021-21317
The CVE-2021-21317 issue affects the uap-core npm package (the core of BrowserScope’s user agent parser). In versions prior to 0.11.0, certain regexes allow regular expression denial of service (REDoS) via overlapping capture groups, enabling an attacker to overload a server by sending crafted lo...
Uap-core Resource Management Error Vulnerability
A resource management error vulnerability exists in Uap-core that arises from mismanagement of system resources e.g., memory, disk space, files, etc. by a networked system or product...
Regular Expression Denial Of Service (ReDoS)
uap-core is vulnerable to regular expression denial of service. The vulnerability exists in regexes.yaml as a malicious user can set the User-Agent header in an HTTPS request with a long digit string to overload a server...
GHSA-P4PJ-MG4R-X6V4 Denial of Service in uap-core
Impact Some regexes are vulnerable to regular expression denial of service REDoS due to overlapping capture groups. This allows remote attackers to overload a server by setting the User-Agent header in an HTTPS request to maliciously crafted long strings. Patches Please update uap-core to = v0.11...
Denial of Service in uap-core
Impact Some regexes are vulnerable to regular expression denial of service REDoS due to overlapping capture groups. This allows remote attackers to overload a server by setting the User-Agent header in an HTTPS request to maliciously crafted long strings. Patches Please update uap-core to = v0.11...
PT-2021-14414 · Uap-Core · Uap-Core
Name of the Vulnerable Software and Affected Versions: uap-core versions prior to 0.11.0 Description: The issue concerns regular expression denial of service REDoS due to overlapping capture groups in some regexes. This allows remote attackers to overload a server by setting the User-Agent header...
GHSA-PCQQ-5962-HVCW Denial of Service in uap-core when processing crafted User-Agent strings
Impact Some regexes are vulnerable to regular expression denial of service REDoS due to overlapping capture groups. This allows remote attackers to overload a server by setting the User-Agent header in an HTTPS request to maliciously crafted long strings. Patches Please update uap-ruby to = v2.6....
Denial of Service in uap-core when processing crafted User-Agent strings
Impact Some regexes are vulnerable to regular expression denial of service REDoS due to overlapping capture groups. This allows remote attackers to overload a server by setting the User-Agent header in an HTTPS request to maliciously crafted long strings. Patches Please update uap-ruby to = v2.6....