Ua-parser-js Project Ua-parser-js — known CVE vulnerabilities
Every CVE whose affected-product data names Ua-parser-js Project Ua-parser-js, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2020-7733 — CVSS 7.5 (high): The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex for Redmi Phones and Mi…
CVE-2020-7793 — CVSS 7.5 (high): The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked…
CVE-2021-27292 — CVSS 7.5 (high): ua-parser-js >= 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a…
CVE-2022-25927 — CVSS 5.3 (medium): Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression…
CVE-2021-4229 — CVSS 5.0 (medium): A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component…