← Back

Useragent

useragent

Vendor: Useragent Project • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-26311
1Useragent Project
1Useragent
Oct 30, 2024
Oct 26, 2024
8.7 HIGH· v4
7.5 HIGH· v3
N/A· v2
Useragent is a user agent parser for Node.js. All versions as of time of publication contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication,...Show more
Useragent is a user agent parser for Node.js. All versions as of time of publication contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no patches are available.Show less
CVE-2017-16030
1Useragent Project
1Useragent
Nov 21, 2024
Jun 4, 2018
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Useragent is used to parse useragent headers. It uses several regular expressions to accomplish this. An attacker could edit their own headers, creating an arbitrarily long useragent string, causing the event loop and se...Show more
Useragent is used to parse useragent headers. It uses several regular expressions to accomplish this. An attacker could edit their own headers, creating an arbitrarily long useragent string, causing the event loop and server to block. This affects Useragent 2.1.12 and earlier.Show less