96 matches found
Moderate: Red Hat Security Advisory: RHV Manager (ovirt-engine) security update [ovirt-4.4.7]
Updated ovirt-engine packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
@acanto/october-scripts (=3.2.2), @acanto/workflow (=5.1.0) +329 more potentially affected by CVE-2020-7733 via ua-parser-js (>=0.6.2 <=0.7.21)
ua-parser-js NPM version =0.6.2, =0.16.9, =2018.7.11-0, =2.0.1, =1.0.0, =2.0.0-beta.1, =1.0.0, =5.0.0, =2.6.6, =6.6.0, =3.0.1, =0.1.3, =0.3.8 - @chessboard/nwb =0.25.3-next.0 and more Source cves: CVE-2020-7733 Source advisory: OSV:GHSA-662X-FHQG-9P8V...
Regular Expression Denial of Service in ua-parser-js
The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service ReDoS via the regex for Redmi Phones and Mi Pad Tablets UA...
Regular Expression Denial of Service
Overview ua-parser-js = 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time. Recommendation Upgrade to version 0.7.24 or later...
@acanto/october-scripts (=3.2.2), @acanto/workflow (=5.1.0) +271 more potentially affected by CVE-2021-27292 via ua-parser-js (>=0.7.14 <=0.7.23)
ua-parser-js NPM version =0.7.14, =1.4.0, =0.16.9, =2018.7.11-0, =2.0.1, =1.9.0, =1.9.0, =1.0.0, =5.0.0, =1.1.3, =2.6.6, =1.0.0, =6.6.0, =7.5.3 and more Source cves: CVE-2021-27292 Source advisory: OSV:GHSA-78CJ-FXPH-M83P...
Regular Expression Denial of Service (ReDoS) in ua-parser-js
ua-parser-js = 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time...
Regular Expression Denial Of Service (ReDoS)
ua-parser-js is vulnerable to regular expression denial of service. An attacker is able to exploit the vulnerability by sending a malicious User-Agent header under the device type causing the system to process the header for an extended period of time...
CVE-2021-27292
ua-parser-js = 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time...
CVE-2021-27292
ua-parser-js = 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time...
DEBIAN-CVE-2021-27292
ua-parser-js = 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time...
Design/Logic Flaw
ua-parser-js = 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time...
CVE-2021-27292
ua-parser-js = 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time...
CVE-2021-27292
CVE-2021-27292 affects ua-parser-js. Vulnerable in versions >=0.7.14 up to before 0.7.24 due to a regex-based Denial of Service in user-agent parsing. Fixed in 0.7.24. Impact is DoS if an attacker sends a crafted User-Agent header; no exploitation details beyond that are provided. Remediation:...
CVE-2021-27292
ua-parser-js = 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time...
ua-parser-js 安全漏洞
ua-parser-js is a JavaScript-based parser for User-Agent strings. It can be used in a browser client-side or node.js server-side environment. Also available as a jQuery / Zepto plugin, Bower / Meteor package and RequireJS / AMD module. A security vulnerability exists in ua-parser-js = 0.7.14, whi...
Regular Expression Denial Of Service (ReDoS)
ua-parser-js is vulnerable to regular expression denial of service ReDoS. The vulnerability exists through overly greedy regular expressions when parsing the browsers' user agent strings...
CVE-2020-7793
A flaw was found in nodejs-ua-parser-js. The software is vulnerable to Regular Expression Denial of Service ReDoS in multiple regexes...
CVE-2020-7793
The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service ReDoS in multiple regexes see linked commit for more info...
DEBIAN-CVE-2020-7793
The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service ReDoS in multiple regexes see linked commit for more info...
CVE-2020-7793
The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service ReDoS in multiple regexes see linked commit for more info...