Regular Expression Denial of Service (ReDoS) in ua-parser-js trim() function
CVE-2022-25927 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service (ReDoS) via the trim() function.
Learn more about our Web Application Penetration Testing UK.