CVE-2022-25927, GHSA-fhg7-m89q-25r3, GMS-2023-120
npm/ua-parser-js
Inefficient Regular Expression Complexity
Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 is vulnerable to Regular Expression Denial of Service (ReDoS) via the trim() function.
All versions starting from 0.7.30 before 0.7.33, all versions starting from 0.8.1 before 1.0.33
Upgrade to versions 0.7.33, 1.0.33 or above.
2023-02-03
source |