How severe is CVE-2022-25927?

CVE-2022-25927 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2022-25927

Name: ua-parser-js
Author: ua-parser-js_project

5.3MEDIUM

Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service (ReDoS) via the trim() function.

Publicado: 1/26/2023Atualizado: 4/1/2025

Descrição

Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service (ReDoS) via the trim() function.

Análise IADesenvolvido por IA

Produtos Afetados

ua-parser-js_projectua-parser-js

Referências

https://github.com/faisalman/ua-parser-js/commit/a6140a17dd0300a35cfc9cff999545f267889411
PatchThird Party Advisory
https://security.snyk.io/vuln/SNYK-JS-UAPARSERJS-3244450
ExploitThird Party Advisory
https://github.com/faisalman/ua-parser-js/commit/a6140a17dd0300a35cfc9cff999545f267889411
PatchThird Party Advisory
https://security.snyk.io/vuln/SNYK-JS-UAPARSERJS-3244450
ExploitThird Party Advisory