Vulnerabilities/

ReDoS via long UserAgent header in useragent

Severity:
High

Description

Affected versions of useragent are vulnerable to regular expression denial of service when an arbitrarily long User-Agent header is parsed.

Recommendation

Update the useragent package to the latest compatible version. Followings are version details:

References

Related Issues

Tags:
npm
useragent
Anything's wrong? Let us know Last updated on September 06, 2023

This issue is available in SmartScanner Professional

See Pricing