CVE-2020-7793

ua-parser-js Regular Expression Denial of Service vulnerability

Description

The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).

Patch Available

Fix available through Seal Security.  
No upgrade required, protect your application instantly.

Fix without upgrading

Score

Severity

Ecosystem

JavaScript

Publish Date

February 9, 2022

Modified Date

January 14, 2025

Score Vector

Affected Versions