Lucene search
+L

96 matches found

redhat
redhat
added 2021/07/22 3:14 p.m.55 views

Moderate: Red Hat Security Advisory: RHV Manager (ovirt-engine) security update [ovirt-4.4.7]

Updated ovirt-engine packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

7.5CVSS7AI score0.04579EPSS
Exploits5References27
vulnersosv
vulnersosv
added 2021/05/07 4:18 p.m.7 views

@acanto/october-scripts (=3.2.2), @acanto/workflow (=5.1.0) +329 more potentially affected by CVE-2020-7733 via ua-parser-js (>=0.6.2 <=0.7.21)

ua-parser-js NPM version =0.6.2, =0.16.9, =2018.7.11-0, =2.0.1, =1.0.0, =2.0.0-beta.1, =1.0.0, =5.0.0, =2.6.6, =6.6.0, =3.0.1, =0.1.3, =0.3.8 - @chessboard/nwb =0.25.3-next.0 and more Source cves: CVE-2020-7733 Source advisory: OSV:GHSA-662X-FHQG-9P8V...

7.5CVSS7.1AI score0.04483EPSS
Exploits1
github
github
added 2021/05/07 4:18 p.m.76 views

Regular Expression Denial of Service in ua-parser-js

The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service ReDoS via the regex for Redmi Phones and Mi Pad Tablets UA...

7.5CVSS7.5AI score0.04483EPSS
Exploits1References7Affected Software1
nodejs
nodejs
added 2021/05/06 4:15 p.m.47 views

Regular Expression Denial of Service

Overview ua-parser-js = 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time. Recommendation Upgrade to version 0.7.24 or later...

5CVSS5.2AI score0.03366EPSS
Exploits1Affected Software1
vulnersosv
vulnersosv
added 2021/05/06 4:11 p.m.7 views

@acanto/october-scripts (=3.2.2), @acanto/workflow (=5.1.0) +271 more potentially affected by CVE-2021-27292 via ua-parser-js (>=0.7.14 <=0.7.23)

ua-parser-js NPM version =0.7.14, =1.4.0, =0.16.9, =2018.7.11-0, =2.0.1, =1.9.0, =1.9.0, =1.0.0, =5.0.0, =1.1.3, =2.6.6, =1.0.0, =6.6.0, =7.5.3 and more Source cves: CVE-2021-27292 Source advisory: OSV:GHSA-78CJ-FXPH-M83P...

7.5CVSS7.1AI score0.03366EPSS
Exploits1
github
github
added 2021/05/06 4:11 p.m.117 views

Regular Expression Denial of Service (ReDoS) in ua-parser-js

ua-parser-js = 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time...

7.5CVSS3.7AI score0.03366EPSS
Exploits1References5Affected Software1
veracode
veracode
added 2021/03/18 4:30 a.m.38 views

Regular Expression Denial Of Service (ReDoS)

ua-parser-js is vulnerable to regular expression denial of service. An attacker is able to exploit the vulnerability by sending a malicious User-Agent header under the device type causing the system to process the header for an extended period of time...

7.5CVSS3.7AI score0.03366EPSS
Exploits1References5Affected Software2
nvd
nvd
added 2021/03/17 1:15 p.m.18 views

CVE-2021-27292

ua-parser-js = 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time...

7.5CVSS0.03366EPSS
Exploits1References3
osv
osv
added 2021/03/17 1:15 p.m.32 views

CVE-2021-27292

ua-parser-js = 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time...

7.5CVSS6.5AI score
Exploits0References3
osv
osv
added 2021/03/17 1:15 p.m.1 views

DEBIAN-CVE-2021-27292

ua-parser-js = 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time...

7.5CVSS7.6AI score0.03366EPSS
Exploits1References1
prion
prion
added 2021/03/17 1:15 p.m.30 views

Design/Logic Flaw

ua-parser-js = 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time...

5CVSS7.2AI score0.03366EPSS
Exploits1References3Affected Software1
ubuntucve
ubuntucve
added 2021/03/17 1:15 p.m.54 views

CVE-2021-27292

ua-parser-js = 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time...

7.5CVSS7.1AI score0.03366EPSS
Exploits1References3
cve
cve
added 2021/03/17 12:34 p.m.274 views

CVE-2021-27292

CVE-2021-27292 affects ua-parser-js. Vulnerable in versions &gt;=0.7.14 up to before 0.7.24 due to a regex-based Denial of Service in user-agent parsing. Fixed in 0.7.24. Impact is DoS if an attacker sends a crafted User-Agent header; no exploitation details beyond that are provided. Remediation:...

7.5CVSS7.2AI score0.03366EPSS
Exploits1References3Affected Software1
cvelist
cvelist
added 2021/03/17 12:34 p.m.46 views

CVE-2021-27292

ua-parser-js = 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time...

7.5AI score0.03366EPSS
Exploits1References3
cnnvd
cnnvd
added 2021/03/17 12:0 a.m.7 views

ua-parser-js 安全漏洞

ua-parser-js is a JavaScript-based parser for User-Agent strings. It can be used in a browser client-side or node.js server-side environment. Also available as a jQuery / Zepto plugin, Bower / Meteor package and RequireJS / AMD module. A security vulnerability exists in ua-parser-js = 0.7.14, whi...

7.5CVSS7.4AI score0.03366EPSS
Exploits1References16
veracode
veracode
added 2020/12/22 1:9 a.m.9 views

Regular Expression Denial Of Service (ReDoS)

ua-parser-js is vulnerable to regular expression denial of service ReDoS. The vulnerability exists through overly greedy regular expressions when parsing the browsers' user agent strings...

4.8AI score
Exploits0
redhatcve
redhatcve
added 2020/12/14 2:57 p.m.35 views

CVE-2020-7793

A flaw was found in nodejs-ua-parser-js. The software is vulnerable to Regular Expression Denial of Service ReDoS in multiple regexes...

7.5CVSS3.4AI score0.03878EPSS
Exploits1References4
nvd
nvd
added 2020/12/11 2:15 p.m.24 views

CVE-2020-7793

The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service ReDoS in multiple regexes see linked commit for more info...

7.5CVSS7.5AI score0.03878EPSS
Exploits1References5
osv
osv
added 2020/12/11 2:15 p.m.1 views

DEBIAN-CVE-2020-7793

The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service ReDoS in multiple regexes see linked commit for more info...

7.5CVSS7AI score0.03878EPSS
Exploits1References1
osv
osv
added 2020/12/11 2:15 p.m.26 views

CVE-2020-7793

The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service ReDoS in multiple regexes see linked commit for more info...

7.5CVSS6.6AI score
Exploits0References5
Rows per page
Query Builder