Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    3 vulnerabilities by faisalman

    CVE-2026-48125 (GCVE-0-2026-48125)

    Vulnerability from nvd – Published: 2026-07-14 20:54 – Updated: 2026-07-15 12:55
    VLAI
    Title
    UAParser.js: Unbounded `Sec-CH-UA-Model` parsing can trigger ReDoS in `withClientHints()`
    Summary
    UAParser.js is a JavaScript library to detect browsers, operating systems, CPUs, and devices from user-agent data. From 2.0.1 until 2.0.10, a regular expression denial-of-service vulnerability exists when using the Client Hints API. By sending a crafted Sec-CH-UA-Model header to an application that calls UAParser(headers).withClientHints(), an attacker can cause excessive CPU time due to catastrophic backtracking in the device regex because Client Hints values are copied without the UA_MAX_LENGTH limit used for User-Agent values. This issue is fixed in version 2.0.10.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    • CWE-1333 - Inefficient Regular Expression Complexity
    Assigner
    Impacted products
    Vendor Product Version
    faisalman ua-parser-js Affected: >= 2.0.1, < 2.0.10
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48125",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-15T12:55:17.247452Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T12:55:20.077Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/faisalman/ua-parser-js/security/advisories/GHSA-9h5v-pfqq-x599"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ua-parser-js",
              "vendor": "faisalman",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.0.1, \u003c 2.0.10"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "UAParser.js is a JavaScript library to detect browsers, operating systems, CPUs, and devices from user-agent data. From 2.0.1 until 2.0.10, a regular expression denial-of-service vulnerability exists when using the Client Hints API. By sending a crafted Sec-CH-UA-Model header to an application that calls UAParser(headers).withClientHints(), an attacker can cause excessive CPU time due to catastrophic backtracking in the device regex because Client Hints values are copied without the UA_MAX_LENGTH limit used for User-Agent values. This issue is fixed in version 2.0.10."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-1333",
                  "description": "CWE-1333: Inefficient Regular Expression Complexity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T20:54:56.374Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/faisalman/ua-parser-js/security/advisories/GHSA-9h5v-pfqq-x599",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/faisalman/ua-parser-js/security/advisories/GHSA-9h5v-pfqq-x599"
            },
            {
              "name": "https://github.com/faisalman/ua-parser-js/commit/90354d3458495628b1d3ba68a9d76673e6d14fc5",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/faisalman/ua-parser-js/commit/90354d3458495628b1d3ba68a9d76673e6d14fc5"
            },
            {
              "name": "https://github.com/faisalman/ua-parser-js/releases/tag/2.0.10",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/faisalman/ua-parser-js/releases/tag/2.0.10"
            }
          ],
          "source": {
            "advisory": "GHSA-9h5v-pfqq-x599",
            "discovery": "UNKNOWN"
          },
          "title": "UAParser.js: Unbounded `Sec-CH-UA-Model` parsing can trigger ReDoS in `withClientHints()`"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-48125",
        "datePublished": "2026-07-14T20:54:56.374Z",
        "dateReserved": "2026-05-20T18:46:58.291Z",
        "dateUpdated": "2026-07-15T12:55:20.077Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-48125 (GCVE-0-2026-48125)

    Vulnerability from cvelistv5 – Published: 2026-07-14 20:54 – Updated: 2026-07-15 12:55
    VLAI
    Title
    UAParser.js: Unbounded `Sec-CH-UA-Model` parsing can trigger ReDoS in `withClientHints()`
    Summary
    UAParser.js is a JavaScript library to detect browsers, operating systems, CPUs, and devices from user-agent data. From 2.0.1 until 2.0.10, a regular expression denial-of-service vulnerability exists when using the Client Hints API. By sending a crafted Sec-CH-UA-Model header to an application that calls UAParser(headers).withClientHints(), an attacker can cause excessive CPU time due to catastrophic backtracking in the device regex because Client Hints values are copied without the UA_MAX_LENGTH limit used for User-Agent values. This issue is fixed in version 2.0.10.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    • CWE-1333 - Inefficient Regular Expression Complexity
    Assigner
    Impacted products
    Vendor Product Version
    faisalman ua-parser-js Affected: >= 2.0.1, < 2.0.10
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-48125",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-15T12:55:17.247452Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-15T12:55:20.077Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/faisalman/ua-parser-js/security/advisories/GHSA-9h5v-pfqq-x599"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ua-parser-js",
              "vendor": "faisalman",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.0.1, \u003c 2.0.10"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "UAParser.js is a JavaScript library to detect browsers, operating systems, CPUs, and devices from user-agent data. From 2.0.1 until 2.0.10, a regular expression denial-of-service vulnerability exists when using the Client Hints API. By sending a crafted Sec-CH-UA-Model header to an application that calls UAParser(headers).withClientHints(), an attacker can cause excessive CPU time due to catastrophic backtracking in the device regex because Client Hints values are copied without the UA_MAX_LENGTH limit used for User-Agent values. This issue is fixed in version 2.0.10."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400: Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-1333",
                  "description": "CWE-1333: Inefficient Regular Expression Complexity",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-14T20:54:56.374Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/faisalman/ua-parser-js/security/advisories/GHSA-9h5v-pfqq-x599",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/faisalman/ua-parser-js/security/advisories/GHSA-9h5v-pfqq-x599"
            },
            {
              "name": "https://github.com/faisalman/ua-parser-js/commit/90354d3458495628b1d3ba68a9d76673e6d14fc5",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/faisalman/ua-parser-js/commit/90354d3458495628b1d3ba68a9d76673e6d14fc5"
            },
            {
              "name": "https://github.com/faisalman/ua-parser-js/releases/tag/2.0.10",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/faisalman/ua-parser-js/releases/tag/2.0.10"
            }
          ],
          "source": {
            "advisory": "GHSA-9h5v-pfqq-x599",
            "discovery": "UNKNOWN"
          },
          "title": "UAParser.js: Unbounded `Sec-CH-UA-Model` parsing can trigger ReDoS in `withClientHints()`"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-48125",
        "datePublished": "2026-07-14T20:54:56.374Z",
        "dateReserved": "2026-05-20T18:46:58.291Z",
        "dateUpdated": "2026-07-15T12:55:20.077Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    VAR-202012-1420

    Vulnerability from variot - Updated: 2023-12-18 11:43

    The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info). ua-parser-js Exists in a resource exhaustion vulnerability.Service operation interruption (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202012-1420",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "sinec ins",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "siemens",
            "version": "1.0"
          },
          {
            "model": "ua-parser-js",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "ua parser js",
            "version": "0.7.23"
          },
          {
            "model": "sinec ins",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "siemens",
            "version": "1.0"
          },
          {
            "model": "ua-parser-js",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "faisalman",
            "version": "0.7.23"
          },
          {
            "model": "ua-parser-js",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "faisalman",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014179"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-7793"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:ua-parser-js_project:ua-parser-js:*:*:*:*:*:node.js:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "0.7.23",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-7793"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Siemens reported these vulnerabilities to CISA.",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-978"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2020-7793",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.0,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2020-7793",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-014179",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2020-7793",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "report@snyk.io",
                "id": "CVE-2020-7793",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202012-978",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-7793",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-7793"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014179"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-7793"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-7793"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-978"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info). ua-parser-js Exists in a resource exhaustion vulnerability.Service operation interruption (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-7793"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014179"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-7793"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-7793",
            "trust": 3.3
          },
          {
            "db": "SIEMENS",
            "id": "SSA-637483",
            "trust": 1.7
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-22-258-05",
            "trust": 1.5
          },
          {
            "db": "JVN",
            "id": "JVNVU99475301",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014179",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2022.4616",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2022.2555",
            "trust": 0.6
          },
          {
            "db": "CS-HELP",
            "id": "SB2022052615",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-978",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-7793",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-7793"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014179"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-7793"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-978"
          }
        ]
      },
      "id": "VAR-202012-1420",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.20766129
      },
      "last_update_date": "2023-12-18T11:43:56.929000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Fix\u00a0ReDoS\u00a0vulnerabilities\u00a0reported\u00a0by\u00a0Snyk",
            "trust": 0.8,
            "url": "https://github.com/faisalman/ua-parser-js/commit/6d1f26df051ba681463ef109d36c9cf0f7e32b18"
          },
          {
            "title": "ua-parser-js Remediation of resource management error vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=137311"
          },
          {
            "title": "awesome-redos-security",
            "trust": 0.1,
            "url": "https://github.com/engn33r/awesome-redos-security "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-7793"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014179"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-978"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          },
          {
            "problemtype": "Resource exhaustion (CWE-400) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014179"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-7793"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://github.com/faisalman/ua-parser-js/commit/6d1f26df051ba681463ef109d36c9cf0f7e32b18"
          },
          {
            "trust": 1.7,
            "url": "https://snyk.io/vuln/snyk-java-orgwebjarsbowergithubfaisalman-1050388"
          },
          {
            "trust": 1.7,
            "url": "https://snyk.io/vuln/snyk-js-uaparserjs-1023599"
          },
          {
            "trust": 1.7,
            "url": "https://snyk.io/vuln/snyk-java-orgwebjarsnpm-1050387"
          },
          {
            "trust": 1.7,
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-7793"
          },
          {
            "trust": 0.9,
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-258-05"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu99475301/index.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.cybersecurity-help.cz/vdb/sb2022052615"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2022.4616"
          },
          {
            "trust": 0.6,
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-258-05"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2022.2555"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-7793"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014179"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-7793"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-978"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2020-7793"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014179"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-7793"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-978"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-12-11T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-7793"
          },
          {
            "date": "2021-08-04T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-014179"
          },
          {
            "date": "2020-12-11T14:15:11.283000",
            "db": "NVD",
            "id": "CVE-2020-7793"
          },
          {
            "date": "2020-12-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-978"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-09-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-7793"
          },
          {
            "date": "2022-09-20T05:31:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-014179"
          },
          {
            "date": "2022-09-13T21:23:36.800000",
            "db": "NVD",
            "id": "CVE-2020-7793"
          },
          {
            "date": "2022-09-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202012-978"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-978"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "ua-parser-js\u00a0 Resource exhaustion vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-014179"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202012-978"
          }
        ],
        "trust": 0.6
      }
    }