Ua Parser Js Ua Parser Jsproject Ua Parser Js

Do you want an email whenever new security vulnerabilities are reported in Ua Parser Jsproject Ua Parser Js?

By the Year

In 2024 there have been 0 vulnerabilities in Ua Parser Jsproject Ua Parser Js . Last year Ua Parser Js had 1 security vulnerability published. Right now, Ua Parser Js is on track to have less security vulnerabilities in 2024 than it did last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 1 7.50
2022 1 8.80
2021 1 7.50
2020 2 7.50
2019 0 0.00
2018 0 0.00

It may take a day or so for new Ua Parser Js vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Ua Parser Jsproject Ua Parser Js Security Vulnerabilities

Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service (ReDoS)

CVE-2022-25927 7.5 - High - January 26, 2023

Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service (ReDoS) via the trim() function.

ReDoS

A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0

CVE-2021-4229 8.8 - High - May 24, 2022

A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0.8.1 and 1.0.1 is able to address this issue. It is recommended to upgrade the affected component.

Inclusion of Functionality from Untrusted Control Sphere

ua-parser-js >= 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service

CVE-2021-27292 7.5 - High - March 17, 2021

ua-parser-js >= 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time.

The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).

CVE-2020-7793 7.5 - High - December 11, 2020

The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).

The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service (ReDoS)

CVE-2020-7733 7.5 - High - September 16, 2020

The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex for Redmi Phones and Mi Pad Tablets UA.

Resource Exhaustion

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Oracle Communications Cloud Native Core Network Function Cloud Native Environment or by Ua Parser Jsproject? Click the Watch button to subscribe.

subscribe