Npm es6-crawler-detect 安全漏洞

Npm es6-crawler-detect is an application from Npm. It can help detect bots, crawlers and spiders by scanning user agent strings or from the global ... A security vulnerability exists in es6-crawler-detect before 3.1.3, which stems from the lack of a limit on the length of the user agent string...

Regular Expression Denial of Service (ReDoS)

Overview es6-crawler-detect is an ES6 version of the original PHP class @CrawlerDetect, it helps you detect bots/crawlers and spiders only by scanning the user-agent string or from the global request.headers. Affected versions of this package are vulnerable to Regular Expression Denial of Service...