es6-crawler-detect is vulnerable to regular expression denial of service. The vulnerability exists because user agent string length supplied to regex operators are not restricted, leading to no limit for the time module being run.
CPE | Name | Operator | Version |
---|---|---|---|
es6-crawler-detect | le | 3.1.2 | |
es6-crawler-detect | le | 3.1.2 |