CVE-2022-25927

Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service (ReDoS) via the trim() function.
Configurations

Configuration 1

cpe:2.3:a:ua-parser-js_project:ua-parser-js:*:*:*:*:*:node.js:*:*
cpe:2.3:a:ua-parser-js_project:ua-parser-js:*:*:*:*:*:node.js:*:*

Information

Published : 2023-01-26 09:15

Updated : 2023-02-02 06:26


NVD link : CVE-2022-25927

Mitre link : CVE-2022-25927

Products Affected
No products.
CWE
CWE-1333

Inefficient Regular Expression Complexity