Back to search
CVE-2017-16030
Published: Jun 4, 2018
Modified: Sep 17, 2024
PUBLISHED
Description
Useragent is used to parse useragent headers. It uses several regular expressions to accomplish this. An attacker could edit their own headers, creating an arbitrarily long useragent string, causing the event loop and server to block. This affects Useragent 2.1.12 and earlier.
| Vendor | Product | Versions |
|---|---|---|
HackerOne | useragent node module | affected <=2.1.12 |
Weaknesses (CWE)
References
https://nodesecurity.io/advisories/312
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now