Description
ua-parser is a port of Browserscope's user agent parser. ua-parser is vulnerable to a ReDoS (Regular Expression Denial of Service) attack when given a specially crafted UserAgent header.
Remediation
References
https://nodesecurity.io/advisories/316
Related Vulnerabilities
CVE-2023-26487 Vulnerability in npm package vega
CVE-2020-1945 Vulnerability in maven package org.apache.ant:ant
CVE-2022-41250 Vulnerability in maven package com.meowlomo.jenkins:scm-httpclient
CVE-2019-10382 Vulnerability in maven package org.jenkins-ci.plugins:labmanager
CVE-2023-30528 Vulnerability in maven package org.jenkins-ci.plugins:wso2id-oauth