4 matches found
CVE-2020-28501
This affects the package es6-crawler-detect before 3.1.3. No limitation of user agent string length supplied to regex operators...
CVE-2020-28501
This affects the package es6-crawler-detect before 3.1.3. No limitation of user agent string length supplied to regex operators...
CVE-2020-28501
The CVE-2020-28501 issue affects es6-crawler-detect prior to 3.1.3. The root cause is a lack of length limitation on the user agent string when fed to regex operators, producing Regular Expression Denial of Service (ReDoS). Reported references from GHSA (Regular Expression Denial of Service in es...
CVE-2020-28501 Regular Expression Denial of Service (ReDoS)
This affects the package es6-crawler-detect before 3.1.3. No limitation of user agent string length supplied to regex operators...