Описание
ua-parser/uap-php ReDoS vulnerability
A regex expression in ua-parser/uap-php could lead to a ReDoS vulnerability in versions prior to 3.8.0.
Ссылки
- https://github.com/ua-parser/uap-core/pull/363
- https://github.com/ua-parser/uap-core/commit/156f7e12b215bddbaf3df4514c399d683e6cdadc
- https://github.com/ua-parser/uap-php/commit/947f80b39130c83a3d1c75900ac1b58828ed8aef
- https://github.com/FriendsOfPHP/security-advisories/blob/master/ua-parser/uap-php/2018-12-14.yaml
Пакеты
Наименование
ua-parser/uap-php
composer
Затронутые версииВерсия исправления
< 3.8.0
3.8.0
Дефекты
CWE-1333
Дефекты
CWE-1333