Description

The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).

Remediation

References

CVE-2020-7793

Related Vulnerabilities

WordPress Plugin WP-reCAPTCHA Cross-Site Scripting (3.1.3)

WordPress Plugin PDF Flipbook, 3D Flipbook WordPress-DearFlip Unspecified Vulnerability (1.7.12)

WebLogic CVE-2022-21306 Vulnerability (CVE-2022-21306)

Open Resty Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)

Magento Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-8114)

Severity

Medium

Classification

CVE-2020-7793 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities