Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
A crafted list can trigger a ArrayIndexOutOfBoundsException in Yauaa
Vulnerability Description
Yet Another UserAgent Analyzer (Yauaa) is a java library that tries to parse and analyze the useragent string and extract as many relevant attributes as possible. Applications using the Client Hints analysis feature introduced with 7.0.0 can crash because the Yauaa library throws an ArrayIndexOutOfBoundsException. If uncaught the exception will result in a program crash. Applications that do not use this feature are not affected. Users are advised to upgrade to version 7.9.0. Users unable to upgrade may catch and discard any ArrayIndexOutOfBoundsException thrown by the Yauaa library.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
对异常条件的处理不恰当
Vulnerability Title
Yauaa 安全漏洞
Vulnerability Description
Yauaa是Niels Basjes个人开发者的一个 java 库。用于 UserAgent 分析。 Yauaa 存在安全漏洞,该漏洞源于其引入的客户端提示分析特性的应用程序当Yauaa库抛出了一个ArrayIndexOutOfBoundsException异常但未被捕获时将导致程序崩溃。
CVSS Information
N/A
Vulnerability Type
N/A