Lucene search
K

26 matches found

OSV
OSV
added 2026/06/04 8:52 p.m.4 views

ROOT-APP-NPM-CVE-2022-31129 CVE-2022-31129 in @rootio/moment - Patched by Root

Root has patched CVE-2022-31129 in the @rootio/moment package for Root:npm. Multiple fixed versions available...

7.5CVSS7.9AI score0.04923EPSS
Exploits1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in node-moment

moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Versions of moment that were affected use an inefficient parsing algorithm. Specifically, the string-to-date parsing method used by moment more precisely, the rfc2822 parsing method, which is used by...

7.5CVSS6.4AI score0.04923EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/10/14 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-31129

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient...

7.5CVSS6.6AI score0.04923EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-6433

Malicious code in bioql PyPI...

7.5CVSS6.7AI score0.04923EPSS
Exploits1References47
Gitee
Gitee
added 2025/09/27 12:22 a.m.203 views

moment-timezone

This repository is an add-on for Moment.js, a JavaScript library for working with dates and times. It provides support for timezones, allowing users to easily work with dates and times in different timezones. The repository contains a variety of files, including a Gruntfile.js, which is used to...

6.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2025/04/28 12:20 a.m.5 views

Moment.js: Path traversal in moment.locale

A path traversal vulnerability was found in Moment.js that impacts npm server users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity...

7.5CVSS6.6AI score0.05664EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.38 views

Fedora 39 : python-notebook (2023-3256575fc8)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3256575fc8 advisory. Automatic update for python-notebook-7.0.0-1.fc39. Changelog Thu Jul 20 2023 Lumir Balhar - 7.0.0-1 - Update to 7.0.0 rhbz2224039 Mon Jul 10 2023...

7.5CVSS6.8AI score0.05664EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2023/06/15 9:19 a.m.3 views

moment: inefficient parsing algorithm resulting in DoS

A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service ReDoS attacks...

7.5CVSS6.8AI score0.04923EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2023/03/01 10:2 p.m.5 views

Moment.js: Path traversal in moment.locale

A path traversal vulnerability was found in Moment.js that impacts npm server users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity...

7.5CVSS6.8AI score0.05664EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/03/01 10:2 p.m.4 views

moment: inefficient parsing algorithm resulting in DoS

A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service ReDoS attacks...

7.5CVSS6.8AI score0.04923EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2023/03/01 9:45 p.m.5 views

moment: inefficient parsing algorithm resulting in DoS

A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service ReDoS attacks...

7.5CVSS6.8AI score0.04923EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2023/03/01 9:45 p.m.5 views

moment: inefficient parsing algorithm resulting in DoS

A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service ReDoS attacks...

7.5CVSS6.8AI score0.04923EPSS
Exploits1References5
OSV
OSV
added 2022/08/10 11:13 a.m.1 views

USN-5559-1 node-moment vulnerabilities

It was discovered that Moment.js incorrectly handled certain input paths. An attacker could possibly use this issue to cause a loss of integrity by changing the correct path to one of their choice. CVE-2022-24785 It was discovered that Moment.js incorrectly handled certain input. An attacker coul...

7.5CVSS6.8AI score0.05664EPSS
Exploits1References3
OSV
OSV
added 2022/07/06 6:15 p.m.3 views

DEBIAN-CVE-2022-31129

moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment more specifically rfc2822 parsing, which is tried by default has...

7.5CVSS6.4AI score0.04923EPSS
Exploits1References1
OSV
OSV
added 2022/07/06 6:15 p.m.6 views

UBUNTU-CVE-2022-31129

moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment more specifically rfc2822 parsing, which is tried by default has...

7.5CVSS6.6AI score0.04923EPSS
Exploits1References6
OSV
OSV
added 2022/07/06 12:0 a.m.34 views

CVE-2022-31129 Inefficient Regular Expression Complexity in moment

moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment more specifically rfc2822 parsing, which is tried by default has...

7.5CVSS6.5AI score0.04923EPSS
Exploits1References13
Cvelist
Cvelist
added 2022/07/06 12:0 a.m.36 views

CVE-2022-31129 Inefficient Regular Expression Complexity in moment

moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment more specifically rfc2822 parsing, which is tried by default has...

7.5CVSS7.8AI score0.04923EPSS
Exploits1References10
Vulnrichment
Vulnrichment
added 2022/07/06 12:0 a.m.3 views

CVE-2022-31129 Inefficient Regular Expression Complexity in moment

moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment more specifically rfc2822 parsing, which is tried by default has...

7.5CVSS7.8AI score0.04923EPSS
Exploits1References10
ATTACKERKB
ATTACKERKB
added 2022/07/06 12:0 a.m.110 views

CVE-2022-31129

moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment more specifically rfc2822 parsing, which is tried by default has...

7.5CVSS7.7AI score0.04923EPSS
In wildExploits1References15
OSV
OSV
added 2022/04/04 9:25 p.m.3 views

GHSA-8HFJ-J24R-96C4 Path Traversal: 'dir/../../filename' in moment.locale

Impact This vulnerability impacts npm server users of moment.js, especially if user provided locale string, eg fr is directly used to switch moment locale. Patches This problem is patched in 2.29.2, and the patch can be applied to all affected versions from 1.0.1 up until 2.29.1, inclusive...

7.5CVSS6.8AI score0.05664EPSS
Exploits0References12
Rows per page
Query Builder