9 matches found
CVE-2022-23496
Yet Another UserAgent Analyzer Yauaa is a java library that tries to parse and analyze the useragent string and extract as many relevant attributes as possible. Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an...
CVE-2023-45367
An issue was discovered in the CheckUser extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. A user can use a rest.php/checkuser/v0/useragent-clienthints/revision/ URL to store an arbitrary number of rows in cuuseragentclienthints, leading to a...
Denial Of Service (DoS)
yauaa is vulnerable to denial of service. The vulnerability exists due to ClientHintsAnalyzer.java improperly handling client hints, allowing an attacker to crash the application through the ArrayIndexOutOfBoundsException by passing a malicious user-agent string when using the client hint analysi...
CVE-2022-23496
Yet Another UserAgent Analyzer Yauaa is a java library that tries to parse and analyze the useragent string and extract as many relevant attributes as possible. Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an...
Design/Logic Flaw
Yet Another UserAgent Analyzer Yauaa is a java library that tries to parse and analyze the useragent string and extract as many relevant attributes as possible. Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an...
CVE-2022-23496 A crafted list can trigger a ArrayIndexOutOfBoundsException in Yauaa
Yet Another UserAgent Analyzer Yauaa is a java library that tries to parse and analyze the useragent string and extract as many relevant attributes as possible. Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an...
CVE-2022-23496 A crafted list can trigger a ArrayIndexOutOfBoundsException in Yauaa
Yet Another UserAgent Analyzer Yauaa is a java library that tries to parse and analyze the useragent string and extract as many relevant attributes as possible. Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an...
GHSA-C4PM-63CG-9J7H Yauaa vulnerable to ArrayIndexOutOfBoundsException triggered by a crafted Sec-Ch-Ua-Full-Version-List
Impact Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an ArrayIndexOutOfBoundsException. Applications that do not use this feature are not affected. Patches Upgrade to 7.9.0 Workarounds Catch and discard any exceptions from...
Yauaa vulnerable to ArrayIndexOutOfBoundsException triggered by a crafted Sec-Ch-Ua-Full-Version-List
Impact Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an ArrayIndexOutOfBoundsException. Applications that do not use this feature are not affected. Patches Upgrade to 7.9.0 Workarounds Catch and discard any exceptions from...