← Back

Ua Parser Js Project

ua-parser-js_project

5 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Ua Parser Js
ua-parser-js
5 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-25927
1Ua Parser Js Project
1Ua Parser Js
Apr 1, 2025
Jan 26, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service (ReDoS) via the trim() function.
CVE-2021-4229
1Ua Parser Js Project
1Ua Parser Js
Nov 21, 2024
May 24, 2022
N/A· v4
8.8 HIGH· v3
7.6 HIGH· v2
A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0.8.1 and 1.0.1 is abl...Show more
A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0.8.1 and 1.0.1 is able to address this issue. It is recommended to upgrade the affected component.Show less
CVE-2021-27292
1Ua Parser Js Project
1Ua Parser Js
Nov 21, 2024
Mar 17, 2021
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
ua-parser-js >= 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended p...Show more
ua-parser-js >= 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time.Show less
CVE-2020-7793
2Siemens
Ua Parser Js Project
2Sinec Ins
Ua Parser Js
Nov 21, 2024
Dec 11, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).
CVE-2020-7733
2Oracle
Ua Parser Js Project
2Communications Cloud Native Core Network Function Cloud Native Environment
Ua Parser Js
Nov 21, 2024
Sep 16, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex for Redmi Phones and Mi Pad Tablets UA.