Regular Expression Denial of Service (ReDoS) in ua-parser-js trim() function

Regular Expression Denial of Service (ReDoS) in ua-parser-js trim() function

CVE-2022-25927 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service (ReDoS) via the trim() function.

Learn more about our Web Application Penetration Testing UK.