The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.

References

github.com/moment/moment/issues/4163

nodesecurity.io/advisories/532

www.tenable.com/security/tns-2019-02

openvas 2

osv 5

nessus 7

prion 2

ubuntu 1

redhatcve 1

ubuntucve 2

debiancve 2

cve 2

nvd 2

atlassian 1

ibm 12

veracode 1

github 2

cvelist 1

nodejs 1

ics 1

redhat 4

oracle 1

openvas

Ubuntu: Security Advisory (USN-4786-1)

2023-01-27 00:00:00

Tenable Nessus < 8.3.0 Multiple Vulnerabilities (TNS-2019-02)

2019-04-02 00:00:00

osv

node-moment vulnerabilities

2021-03-15 21:04:13

CVE-2017-18214

2018-03-04 21:29:00

Regular Expression Denial of Service in moment

2018-03-05 18:35:09

nessus

Ubuntu 16.04 ESM : Moment.js vulnerabilities (USN-4786-1)

2023-10-23 00:00:00

Atlassian Jira < 8.20.9 / 8.22.0 (JRASERVER-73244)

2022-07-06 00:00:00

Tenable Nessus < 8.3.0 Multiple Vulnerabilities (TNS-2019-02)

2019-03-28 00:00:00

prion

Design/Logic Flaw

2018-03-04 21:29:00

Deserialization of untrusted data

2017-01-23 21:59:00

ubuntu

Moment.js vulnerabilities

2021-03-15 00:00:00

redhatcve

CVE-2017-18214

2018-03-08 20:19:26

ubuntucve

CVE-2017-18214

2018-03-04 00:00:00

CVE-2016-4055

2017-01-23 00:00:00

debiancve

CVE-2017-18214

2018-03-04 21:29:00

CVE-2016-4055

2017-01-23 21:59:01

cve

CVE-2017-18214

2018-03-04 21:29:00

CVE-2016-4055

2017-01-23 21:59:01

nvd

CVE-2017-18214

2018-03-04 21:29:00

CVE-2016-4055

2017-01-23 21:59:01

atlassian

Upgrade Moment.js to 2.22.1+ as required for CVE-2017-18214, CVE-2016-4055

2022-02-01 19:34:22

ibm

Security Bulletin: Multiple Vulnerabilities in IBM Guardium Data Encryption (GDE) (CVE-2017-18214, CVE-2016-4055, CVE-2021-20413)

2021-06-25 09:04:16

Security Bulletin: Multiple vulnerabilities in moment.js affect IBM Storage Scale

2024-05-08 07:15:59

Security Bulletin: There is a vulnerability in moment.js used by IBM Jazz Reporting Service (CVE-2022-24785)

2023-10-04 10:43:28

veracode

Regular Expression Denial Of Service (ReDoS)

2017-10-23 05:05:52

github

Regular Expression Denial of Service in moment

2018-03-05 18:35:09

Regular Expression Denial of Service in moment

2017-10-24 18:33:35

cvelist

CVE-2016-4055

2017-01-23 21:00:00

nodejs

Regular Expression Denial of Service

2015-10-26 23:19:57

ics

Mitsubishi Electric EcoWebServerIII

2022-02-24 12:00:00

redhat

(RHSA-2023:0552) Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update

2023-01-31 13:04:41

(RHSA-2023:0553) Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update

2023-01-31 13:04:53

(RHSA-2023:0554) Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update

2023-01-31 13:05:09

oracle

CPU July 2018

2018-07-17 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.6 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.8%

JSON

Related for CVELIST:CVE-2017-18214