Security Advisory

CVE-2018-20164

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-02-13 14:00:00

Last updated 2024-08-05 11:51:19

Assigner mitre

State PUBLISHED

Description

An issue was discovered in regex.yaml (aka regexes.yaml) in UA-Parser UAP-Core before 0.6.0. A Regular Expression Denial of Service (ReDoS) issue allows remote attackers to overload a server by setting the User-Agent header in an HTTP(S) request to a value containing a long digit string. (The UAP-Core project contains the vulnerability, propagating to all implementations.)

← Browse all CVEs View on cve.org ↗