Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:38 p.m.7 views

CVE-2020-5243

uap-core before 0.7.3 is vulnerable to a denial of service attack when processing crafted User-Agent strings. Some regexes are vulnerable to regular expression denial of service REDoS due to overlapping capture groups. This allows remote attackers to overload a server by setting the User-Agent...

7.5CVSS6.8AI score0.02261EPSS
Exploits1
Veracode
Veracode
added 2020/03/11 1:28 a.m.18 views

Regular Expression Denial Of Service (ReDoS)

useragentparser is vulnerable to regular expression denial of service ReDoS. The vulnerability exists through the vendored module, uap-core, where a long digit string can cause ReDoS. This vulnerability is related to CVE-2020-5243...

7.5CVSS3.2AI score0.02261EPSS
Exploits1
NVD
NVD
added 2020/02/21 12:15 a.m.35 views

CVE-2020-5243

uap-core before 0.7.3 is vulnerable to a denial of service attack when processing crafted User-Agent strings. Some regexes are vulnerable to regular expression denial of service REDoS due to overlapping capture groups. This allows remote attackers to overload a server by setting the User-Agent...

7.5CVSS6.3AI score0.02261EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/02/20 11:15 p.m.35 views

CVE-2020-5243 Denial of Service in uap-core when processing crafted User-Agent strings

uap-core before 0.7.3 is vulnerable to a denial of service attack when processing crafted User-Agent strings. Some regexes are vulnerable to regular expression denial of service REDoS due to overlapping capture groups. This allows remote attackers to overload a server by setting the User-Agent...

5.7CVSS7.4AI score0.02261EPSS
Exploits1References2
CVE
CVE
added 2020/02/20 11:15 p.m.146 views

CVE-2020-5243

CVE-2020-5243 describes a denial-of-service vulnerability in uap-core before 0.7.3, where processing crafted User-Agent strings triggers overlapping capture group REGEX backtracking (REDoS). The issue affects the library’s User-Agent parsing, allowing remote attackers to overload a server by send...

7.5CVSS6.2AI score0.02261EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder