Description
This affects the package es6-crawler-detect before 3.1.3. No limitation of user agent string length supplied to regex operators.
Remediation
References
https://github.com/JefferyHus/es6-crawler-detect/pull/27
https://snyk.io/vuln/SNYK-JS-ES6CRAWLERDETECT-1051529
Related Vulnerabilities
CVE-2022-24196 Vulnerability in maven package com.itextpdf:itext7-core
CVE-2021-41251 Vulnerability in npm package @sap-cloud-sdk/core
CVE-2021-23901 Vulnerability in maven package org.apache.nutch:nutch
CVE-2020-13942 Vulnerability in maven package org.apache.unomi:unomi-kar
CVE-2020-28500 Vulnerability in maven package org.webjars.bowergithub.lodash:lodash