Description
This affects the package es6-crawler-detect before 3.1.3. No limitation of user agent string length supplied to regex operators.
Remediation
References
https://snyk.io/vuln/SNYK-JS-ES6CRAWLERDETECT-1051529
https://github.com/JefferyHus/es6-crawler-detect/pull/27
Related Vulnerabilities
CVE-2020-7760 Vulnerability in maven package org.webjars.bowergithub.codemirror:codemirror
CVE-2023-26116 Vulnerability in npm package angular
CVE-2021-32851 Vulnerability in npm package mind-elixir
CVE-2022-39381 Vulnerability in npm package muhammara
CVE-2019-1010266 Vulnerability in maven package org.webjars.bower:lodash