Improper Handling of Exceptional Conditions
CVE-2022-23496
Summary
Yet Another UserAgent Analyzer (Yauaa) is a java library that tries to parse and analyze the `useragent` string and extract as many relevant attributes as possible. Applications using the Client Hints analysis feature in versions 7.0.0 prior to 7.9.0 can crash because the Yauaa library throws an `ArrayIndexOutOfBoundsException`. If uncaught the exception will result in a program crash. Applications that do not use this feature are not affected. Users unable to upgrade may catch and discard any `ArrayIndexOutOfBoundsException` thrown by the Yauaa library.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- NONE
- NONE
- HIGH
CWE-755 - Improper Handling of Exceptional Conditions
The software does not handle or incorrectly handles an exceptional condition.
References
Advisory Timeline
- Published