Homepage

useragent@2.1.13 vulnerabilities

Fastest, most accurate & effecient user agent string parser, uses Browserscope's research for parsing

  • latest version

    2.3.0

  • first published

    14 years ago

  • latest version published

    7 years ago

  • licenses detected

  • View useragent package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the useragent package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Regular Expression Denial of Service (ReDoS)

    useragent is an allows you to parse user agent string with high accuracy by using hand tuned dedicated regular expressions for browser matching.

    Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of insecure regular expressions in the regexps.js component.

    How to fix Regular Expression Denial of Service (ReDoS)?

    There is no fixed version for useragent.

    *
    • H
    Regular Expression Denial of Service (ReDoS)

    useragent allows you to parse user agent string with high accuracy by using hand tuned dedicated regular expressions for browser matching.

    Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) when passing long user-agent strings.

    This is due to incomplete fix for this vulnerability: https://snyk.io/vuln/SNYK-JS-USERAGENT-11000.

    An attempt to fix the vulnerability has been pushed to master.

    How to fix Regular Expression Denial of Service (ReDoS)?

    A fix was pushed into the master branch but not yet published.

    *
    Go back to all versions of this package