Regular Expression Denial of Service (REDoS) in UAParser.js
5y agoen
Source
SnykRegular Expression Denial of Service (REDoS) in UAParser.jssnyk.ioWelcome to the Snyk Monthly Vulnerability Profile. This month we’re looking at a Regular Expression Denial of Service (REDoS) vulnerability discovered in the popular UAParser JavaScript package.
You might also wanna read
Regolith: A ReDoS-Immune TypeScript/JavaScript Regex Library Using Rust for Linear Time Complexity
Regolith is a server-side TypeScript and JavaScript library designed to prevent Regular Expression Denial of Service (ReDoS) attacks by usin
Attackers use invisible Unicode characters to hide malicious code in GitHub repositories
Attackers are exploiting invisible Unicode characters (Private Use Areas) to hide malicious code in JavaScript files hosted on GitHub and ot
arstechnica.com·3mo agoGlassworm Threat Actor Returns with Unicode-Based Supply Chain Attacks on GitHub, npm, and VS Code
The Glassworm threat actor has returned with a new wave of supply chain attacks using invisible Unicode characters to compromise software re
aikido.dev·3mo agoComposer vulnerability leaks GitHub Actions GITHUB_TOKEN in logs due to format mismatch
A security vulnerability has been identified where Composer leaks the full contents of GitHub OAuth tokens (specifically GITHUB_TOKEN) to st
Technical conflict between DMARC's new "np" tag and DNSSEC compact denial of existence
The article explains a technical conflict between two recent internet standards: DMARC's new "np" tag (RFC 9989), designed to specify email
TanStack NPM Packages Compromised
github.com·1mo ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.