VulnerableCode Package Details - pkg:npm/uap-core@0.6.1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:npm/uap-core@0.6.1

Essentials
History (3)

purl	pkg:npm/uap-core@0.6.1

Next non-vulnerable version	0.11.0
Latest non-vulnerable version	0.11.0
Risk	3.1

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-c9kw-yt2m-xyc8 Aliases: CVE-2020-5243 GHSA-cmcx-xhr8-3w9p		0.7.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-x4tp-drnp-pyf6 Aliases: CVE-2021-21317 GHSA-p4pj-mg4r-x6v4		0.11.0 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-5ng1-aqw3-w7cy	ReDoS The programming library UA-Parser uses regular expressions to identify user agent strings. The complexity of the regular expressions is such that an attacker can craft special patterns that keep the server busy for a long time. By sending many requests in short order, an attacker can exhaust the amount of processing power available.	CVE-2018-20164 GHSA-fx7m-j728-mjw3

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-01T06:02:40.264504+00:00	GitLab Importer	Affected by	VCID-x4tp-drnp-pyf6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/uap-core/CVE-2021-21317.yml	38.6.0
2026-05-31T10:02:58.572215+00:00	GitLab Importer	Affected by	VCID-c9kw-yt2m-xyc8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/uap-core/CVE-2020-5243.yml	38.6.0
2026-05-30T20:54:47.293376+00:00	GitLab Importer	Fixing	VCID-5ng1-aqw3-w7cy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/uap-core/CVE-2018-20164.yml	38.6.0