Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2017-16030 Vulnerability in npm package useragent

Description

Useragent is used to parse useragent headers. It uses several regular expressions to accomplish this. An attacker could edit their own headers, creating an arbitrarily long useragent string, causing the event loop and server to block. This affects Useragent 2.1.12 and earlier.

Remediation

References

https://nodesecurity.io/advisories/312

Related Vulnerabilities

CVE-2023-26111 Vulnerability in npm package node-static

CVE-2022-36899 Vulnerability in maven package com.compuware.jenkins:compuware-ispw-operations

CVE-2015-8315 Vulnerability in maven package org.webjars.npm:ms

CVE-2020-26939 Vulnerability in maven package org.bouncycastle:bcprov-ext-jdk15to18

CVE-2021-29486 Vulnerability in npm package cumulative-distribution-function

Severity

High

Classification

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Exploit Third Party Advisory NVD-CWE-noinfo