Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Useragent is used to parse useragent headers. It uses several regular expressions to accomplish this. An attacker could edit their own headers, creating an arbitrarily long useragent string, causing the event loop and server to block. This affects Useragent 2.1.12 and earlier.
CVSS Information
N/A
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
Useragent 安全漏洞
Vulnerability Description
Useragent是一款通过使用专用的正则表达式进行浏览器匹配从而解析用户代理字符串的用户代理解析器。 Useragent 2.1.12及之前版本中存在安全漏洞,该漏洞源于程序使用正则表达式来解析用户代理包头。攻击者可通过将其自己的包头编辑成任意长度的用户代理字符串利用该漏洞造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A