Version Details and Security Vulnerabilities

📦

ua-parser-js

0.7.10

Comparision Betweeen 0.7.10 and 0.7.9

Identify the differences between the current version of the package and the previous one.

Version

Dependencies

Dev Dependencies

Peer Dependencies

Distributed Files

N/A

Unpacked Size

N/A

Security Vulnerabilities

This site is an independent open-source project and is not affiliated with, endorsed by, or sponsored by npm, Inc. or GitHub, Inc. The name “npm” is a registered trademark of npm, Inc., used here solely to describe compatibility and reference publicly available npm package data.

Version Details and Security Vulnerabilities

📦

ua-parser-js

0.7.10

Comparision Betweeen 0.7.10 and 0.7.9

Identify the differences between the current version of the package and the previous one.

Version

Dependencies

Dev Dependencies

Peer Dependencies

Distributed Files

N/A

Unpacked Size

N/A

Security Vulnerabilities

Security Details

Comprehensive list of direct or transitive vulnerabilities for version 0.7.10 of the package ua-parser-js.

All Security Vulnerabilities

All the vulnerabilities related to the version 0.7.10 of the package

Summary:

ua-parser-js Regular Expression Denial of Service vulnerability

Details:

The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).

Details about ua-parser-js@0.7.10

Summary:

Regular Expression Denial of Service in ua-parser-js

Details:

The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex for Redmi Phones and Mi Pad Tablets UA.

Details about ua-parser-js@0.7.10

Summary:

ReDoS Vulnerability in ua-parser-js version

Details:

Description:

A regular expression denial of service (ReDoS) vulnerability has been discovered in ua-parser-js.

Impact:

This vulnerability bypass the library's MAX_LENGTH input limit prevention. By crafting a very-very-long user-agent string with specific pattern, an attacker can turn the script to get stuck processing for a very long time which results in a denial of service (DoS) condition.

Affected Versions:

All versions of the library prior to version 0.7.33 / 1.0.33.

Patches:

A patch has been released to remove the vulnerable regular expression, update to version 0.7.33 / 1.0.33 or later.

References:

Regular expression Denial of Service - ReDoS

Credits:

Thanks to @Snyk who first reported the issue.

Details about ua-parser-js@0.7.10

Security Details

Comprehensive list of direct or transitive vulnerabilities for version 0.7.10 of the package ua-parser-js.

All Security Vulnerabilities

All the vulnerabilities related to the version 0.7.10 of the package

Summary:

ua-parser-js Regular Expression Denial of Service vulnerability

Details:

The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).

Details about ua-parser-js@0.7.10

Summary:

Regular Expression Denial of Service in ua-parser-js

Details:

The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex for Redmi Phones and Mi Pad Tablets UA.

Details about ua-parser-js@0.7.10

Summary:

ReDoS Vulnerability in ua-parser-js version

Details:

Description:

A regular expression denial of service (ReDoS) vulnerability has been discovered in ua-parser-js.

Impact:

Affected Versions:

All versions of the library prior to version 0.7.33 / 1.0.33.

Patches:

A patch has been released to remove the vulnerable regular expression, update to version 0.7.33 / 1.0.33 or later.

References:

Regular expression Denial of Service - ReDoS

Credits:

Thanks to @Snyk who first reported the issue.

Details about ua-parser-js@0.7.10

Version Details and Security Vulnerabilities

ua-parser-js

Comparision Betweeen 0.7.10 and 0.7.9

Security Vulnerabilities

Version Details and Security Vulnerabilities

ua-parser-js

Comparision Betweeen 0.7.10 and 0.7.9

Security Vulnerabilities

Security Details

All

Transitive Dependencies

Package

All Security Vulnerabilities

Description:

Impact:

Affected Versions:

Patches:

References:

Credits:

Security Details

All

Transitive Dependencies

Package

All Security Vulnerabilities

Description:

Impact:

Affected Versions:

Patches:

References:

Credits:

Version Details and Security Vulnerabilities

ua-parser-js

Comparision Betweeen 0.7.10 and 0.7.9

Security Vulnerabilities

Version Details and Security Vulnerabilities

ua-parser-js

Comparision Betweeen 0.7.10 and 0.7.9

Security Vulnerabilities

Security Details

All

Transitive Dependencies

Package

All Security Vulnerabilities

ua-parser-js@0.7.10 GHSA-394c-5j6w-4xmx 7.5

ua-parser-js@0.7.10 GHSA-662x-fhqg-9p8v 7.5

ua-parser-js@0.7.10 GHSA-fhg7-m89q-25r3 7.5

Description:

Impact:

Affected Versions:

Patches:

References:

Credits:

Security Details

All

Transitive Dependencies

Package

All Security Vulnerabilities

ua-parser-js@0.7.10 GHSA-394c-5j6w-4xmx 7.5

ua-parser-js@0.7.10 GHSA-662x-fhqg-9p8v 7.5

ua-parser-js@0.7.10 GHSA-fhg7-m89q-25r3 7.5

Description:

Impact:

Affected Versions:

Patches:

References:

Credits: