GSD-2018-20164
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
An issue was discovered in regex.yaml (aka regexes.yaml) in UA-Parser UAP-Core before 0.6.0. A Regular Expression Denial of Service (ReDoS) issue allows remote attackers to overload a server by setting the User-Agent header in an HTTP(S) request to a value containing a long digit string. (The UAP-Core project contains the vulnerability, propagating to all implementations.)
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-20164",
"description": "An issue was discovered in regex.yaml (aka regexes.yaml) in UA-Parser UAP-Core before 0.6.0. A Regular Expression Denial of Service (ReDoS) issue allows remote attackers to overload a server by setting the User-Agent header in an HTTP(S) request to a value containing a long digit string. (The UAP-Core project contains the vulnerability, propagating to all implementations.)",
"id": "GSD-2018-20164",
"references": [
"https://packetstormsecurity.com/files/cve/CVE-2018-20164"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-20164"
],
"details": "An issue was discovered in regex.yaml (aka regexes.yaml) in UA-Parser UAP-Core before 0.6.0. A Regular Expression Denial of Service (ReDoS) issue allows remote attackers to overload a server by setting the User-Agent header in an HTTP(S) request to a value containing a long digit string. (The UAP-Core project contains the vulnerability, propagating to all implementations.)",
"id": "GSD-2018-20164",
"modified": "2023-12-13T01:22:28.929801Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20164",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in regex.yaml (aka regexes.yaml) in UA-Parser UAP-Core before 0.6.0. A Regular Expression Denial of Service (ReDoS) issue allows remote attackers to overload a server by setting the User-Agent header in an HTTP(S) request to a value containing a long digit string. (The UAP-Core project contains the vulnerability, propagating to all implementations.)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/ua-parser/uap-core/commit/010ccdc7303546cd22b9da687c29f4a996990014",
"refsource": "MISC",
"url": "https://github.com/ua-parser/uap-core/commit/010ccdc7303546cd22b9da687c29f4a996990014"
},
{
"name": "https://github.com/ua-parser/uap-core/commit/156f7e12b215bddbaf3df4514c399d683e6cdadc",
"refsource": "MISC",
"url": "https://github.com/ua-parser/uap-core/commit/156f7e12b215bddbaf3df4514c399d683e6cdadc"
},
{
"name": "https://www.x41-dsec.de/lab/advisories/x41-2018-009-uaparser/",
"refsource": "MISC",
"url": "https://www.x41-dsec.de/lab/advisories/x41-2018-009-uaparser/"
},
{
"name": "https://github.com/ua-parser/uap-core/issues/332",
"refsource": "MISC",
"url": "https://github.com/ua-parser/uap-core/issues/332"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003c2.5.1",
"affected_versions": "All versions before 2.5.1",
"credit": "Luc Gommans, X41 D-SEC GmbH",
"cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"cwe_ids": [
"CWE-1035",
"CWE-185",
"CWE-937"
],
"date": "2019-10-02",
"description": "The programming library UA-Parser uses regular expressions to identify user agent strings. The complexity of the regular expressions is such that an attacker can craft special patterns that keep the server busy for a long time. By sending many requests in short order, an attacker can exhaust the amount of processing power available.",
"fixed_versions": [
"2.5.1"
],
"identifier": "CVE-2018-20164",
"identifiers": [
"CVE-2018-20164"
],
"not_impacted": "All versions starting from 2.5.1",
"package_slug": "gem/user_agent_parser",
"pubdate": "2019-02-13",
"solution": "Upgrade to version 2.5.1 or above.",
"title": "ReDoS",
"urls": [
"https://github.com/ua-parser/uap-core/pull/363/files",
"https://nvd.nist.gov/vuln/detail/CVE-2018-20164",
"https://www.openwall.com/lists/oss-security/2019/01/10/2",
"https://www.x41-dsec.de/lab/advisories/x41-2018-009-uaparser/"
],
"uuid": "7a96bda0-52f4-40bd-8703-0fe6c17f96ea"
},
{
"affected_range": "(,1.4.1)",
"affected_versions": "All versions before 1.4.1",
"credit": "Luc Gommans, X41 D-SEC GmbH",
"cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"cwe_ids": [
"CWE-1035",
"CWE-185",
"CWE-937"
],
"date": "2019-10-02",
"description": "The programming library UA-Parser uses regular expressions to identify user agent strings. The complexity of some of the regular expressions is such that an attacker can craft special patterns that keep the server busy for a long time. By sending many requests in short order, an attacker can exhaust the amount of processing power available.",
"fixed_versions": [
"1.4.1"
],
"identifier": "CVE-2018-20164",
"identifiers": [
"CVE-2018-20164"
],
"package_slug": "maven/com.github.ua-parser/uap-java",
"pubdate": "2019-02-13",
"solution": "Upgrade to a fixed version",
"title": "ReDoS",
"urls": [
"https://github.com/ua-parser/uap-core/pull/363/files",
"https://nvd.nist.gov/vuln/detail/CVE-2018-20164",
"https://www.openwall.com/lists/oss-security/2019/01/10/2",
"https://www.x41-dsec.de/lab/advisories/x41-2018-009-uaparser/"
],
"uuid": "df48e7a2-f8b5-419d-826e-6ea299e67b73"
},
{
"affected_range": "\u003c0.6.1",
"affected_versions": "All versions before 0.6.1",
"credit": "Luc Gommans, X41 D-SEC GmbH",
"cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"cwe_ids": [
"CWE-1035",
"CWE-185",
"CWE-937"
],
"date": "2019-10-02",
"description": "The programming library UA-Parser uses regular expressions to identify user agent strings. The complexity of some of the regular expressions is such that an attacker can craft special patterns that keep the server busy for a long time. By sending many requests in short order, an attacker can exhaust the amount of processing power available.",
"fixed_versions": [
"0.6.1"
],
"identifier": "CVE-2018-20164",
"identifiers": [
"CVE-2018-20164"
],
"package_slug": "npm/uap-core",
"pubdate": "2019-02-13",
"solution": "Upgrade to a fixed version",
"title": "ReDoS",
"urls": [
"https://github.com/ua-parser/uap-core/pull/363/files",
"https://nvd.nist.gov/vuln/detail/CVE-2018-20164",
"https://www.openwall.com/lists/oss-security/2019/01/10/2",
"https://www.x41-dsec.de/lab/advisories/x41-2018-009-uaparser/"
],
"uuid": "e7fa3b3a-d53c-4a54-9e13-1408bf5d5126"
},
{
"affected_range": "\u003c0.9.0",
"affected_versions": "All versions before 0.9.0",
"credit": "Luc Gommans, X41 D-SEC GmbH",
"cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"cwe_ids": [
"CWE-1035",
"CWE-185",
"CWE-937"
],
"date": "2019-10-02",
"description": "The programming library UA-Parser uses regular expressions to identify user agent strings. An attacker can craft special patterns that keep the server busy for a long time. By sending many requests in short order, an attacker can exhaust the amount of processing power available.",
"fixed_versions": [
"0.9.0"
],
"identifier": "CVE-2018-20164",
"identifiers": [
"CVE-2018-20164"
],
"package_slug": "pypi/ua-parser",
"pubdate": "2019-02-13",
"solution": "Upgrade to 0.9.0 or later",
"title": "ReDoS",
"urls": [
"https://github.com/ua-parser/uap-core/pull/363/files",
"https://nvd.nist.gov/vuln/detail/CVE-2018-20164",
"https://www.openwall.com/lists/oss-security/2019/01/10/2",
"https://www.x41-dsec.de/lab/advisories/x41-2018-009-uaparser/"
],
"uuid": "7c09a9f0-f6d4-401b-a7ee-29683ea892e1"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:uaparser:user_agent_parser-core:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.6.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20164"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An issue was discovered in regex.yaml (aka regexes.yaml) in UA-Parser UAP-Core before 0.6.0. A Regular Expression Denial of Service (ReDoS) issue allows remote attackers to overload a server by setting the User-Agent header in an HTTP(S) request to a value containing a long digit string. (The UAP-Core project contains the vulnerability, propagating to all implementations.)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-185"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.x41-dsec.de/lab/advisories/x41-2018-009-uaparser/",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.x41-dsec.de/lab/advisories/x41-2018-009-uaparser/"
},
{
"name": "https://github.com/ua-parser/uap-core/commit/156f7e12b215bddbaf3df4514c399d683e6cdadc",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/ua-parser/uap-core/commit/156f7e12b215bddbaf3df4514c399d683e6cdadc"
},
{
"name": "https://github.com/ua-parser/uap-core/commit/010ccdc7303546cd22b9da687c29f4a996990014",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/ua-parser/uap-core/commit/010ccdc7303546cd22b9da687c29f4a996990014"
},
{
"name": "https://github.com/ua-parser/uap-core/issues/332",
"refsource": "MISC",
"tags": [],
"url": "https://github.com/ua-parser/uap-core/issues/332"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
},
"lastModifiedDate": "2019-10-02T20:15Z",
"publishedDate": "2019-02-13T14:29Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…