6 matches found
RHEL 7 : nodejs-ua-parser-js (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nodejs-ua-parser-js: ReDoS in multiple regexes CVE-2020-7793 - The package ua-parser-js before 0.7.22 are...
CVE-2020-7793
creationtimestamp| type| source ---|---|--- 2020-12-11 16:35:42+00:00| seen| https://t.me/cibsecurity/20106 2020-12-11 17:25:39+00:00| seen| https://t.me/cibsecurity/20126 2020-12-11 18:05:11+00:00| seen| https://t.me/cibsecurity/20144 2020-12-11 18:11:20+00:00| seen| https://t.me/cibsecurity/201...
CVE-2020-7793
The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service ReDoS in multiple regexes see linked commit for more info...
CVE-2020-7793
The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service ReDoS in multiple regexes see linked commit for more info...
CVE-2020-7793
CVE-2020-7793 affects the UAParser.js package (versions before 0.7.23). The vulnerability is a Regular Expression Denial of Service (ReDoS) across multiple regexes. Connected sources explicitly identify UAParser.js (pre-0.7.23) as vulnerable and reference the ReDoS condition; one source notes a f...
@acanto/october-scripts (=3.2.2), @acanto/workflow (=5.1.0) +392 more potentially affected by CVE-2020-7793 via ua-parser-js (>=0.6.2 <=0.7.22)
ua-parser-js NPM version =0.6.2, =1.4.0, =0.16.9, =2018.7.11-0, =2.0.1, =1.0.0, =2.0.0-beta.1, =1.9.0, =1.9.0, =1.0.0, =5.0.0, =1.1.3, =2.6.6, =2.7.0 and more Source cves: CVE-2020-7793 Source advisory: SNYK:JS-UAPARSERJS-1023599...