CVE-2022-25927

Опубликовано: 26 янв. 2023

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 5.3

Описание

Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service (ReDoS) via the trim() function.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	needs-triage
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
focal	ignored	end of standard support, was needs-triage
jammy	needs-triage
kinetic	ignored	end of life, was needs-triage
lunar	ignored	end of life, was needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 81%

0.01515

Низкий

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2022-25927

CVSS3: 7.5

redhat

около 3 лет назад

Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service (ReDoS) via the trim() function.

CVE-2022-25927

CVSS3: 5.3

nvd

около 3 лет назад

Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service (ReDoS) via the trim() function.

CVE-2022-25927

CVSS3: 5.3

debian

около 3 лет назад

Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, fr ...

GHSA-fhg7-m89q-25r3

CVSS3: 7.5

github

около 3 лет назад

ReDoS Vulnerability in ua-parser-js version

EPSS

Процентиль: 81%

0.01515

Низкий

5.3 Medium

CVSS3

CVE-2022-25927

Описание

Пакет node-ua-parser-js

Ссылки на источники

Связанные уязвимости