26 matches found
ROOT-APP-NPM-CVE-2022-31129 CVE-2022-31129 in @rootio/moment - Patched by Root
Root has patched CVE-2022-31129 in the @rootio/moment package for Root:npm. Multiple fixed versions available...
Astra Linux – Vulnerability in node-moment
moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Versions of moment that were affected use an inefficient parsing algorithm. Specifically, the string-to-date parsing method used by moment more precisely, the rfc2822 parsing method, which is used by...
Linux Distros Unpatched Vulnerability : CVE-2022-31129
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient...
EUVD-2022-6433
Malicious code in bioql PyPI...
moment-timezone
This repository is an add-on for Moment.js, a JavaScript library for working with dates and times. It provides support for timezones, allowing users to easily work with dates and times in different timezones. The repository contains a variety of files, including a Gruntfile.js, which is used to...
Moment.js: Path traversal in moment.locale
A path traversal vulnerability was found in Moment.js that impacts npm server users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity...
Fedora 39 : python-notebook (2023-3256575fc8)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3256575fc8 advisory. Automatic update for python-notebook-7.0.0-1.fc39. Changelog Thu Jul 20 2023 Lumir Balhar - 7.0.0-1 - Update to 7.0.0 rhbz2224039 Mon Jul 10 2023...
moment: inefficient parsing algorithm resulting in DoS
A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service ReDoS attacks...
Moment.js: Path traversal in moment.locale
A path traversal vulnerability was found in Moment.js that impacts npm server users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity...
moment: inefficient parsing algorithm resulting in DoS
A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service ReDoS attacks...
moment: inefficient parsing algorithm resulting in DoS
A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service ReDoS attacks...
moment: inefficient parsing algorithm resulting in DoS
A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service ReDoS attacks...
USN-5559-1 node-moment vulnerabilities
It was discovered that Moment.js incorrectly handled certain input paths. An attacker could possibly use this issue to cause a loss of integrity by changing the correct path to one of their choice. CVE-2022-24785 It was discovered that Moment.js incorrectly handled certain input. An attacker coul...
DEBIAN-CVE-2022-31129
moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment more specifically rfc2822 parsing, which is tried by default has...
UBUNTU-CVE-2022-31129
moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment more specifically rfc2822 parsing, which is tried by default has...
CVE-2022-31129 Inefficient Regular Expression Complexity in moment
moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment more specifically rfc2822 parsing, which is tried by default has...
CVE-2022-31129 Inefficient Regular Expression Complexity in moment
moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment more specifically rfc2822 parsing, which is tried by default has...
CVE-2022-31129 Inefficient Regular Expression Complexity in moment
moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment more specifically rfc2822 parsing, which is tried by default has...
CVE-2022-31129
moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment more specifically rfc2822 parsing, which is tried by default has...
GHSA-8HFJ-J24R-96C4 Path Traversal: 'dir/../../filename' in moment.locale
Impact This vulnerability impacts npm server users of moment.js, especially if user provided locale string, eg fr is directly used to switch moment locale. Patches This problem is patched in 2.29.2, and the patch can be applied to all affected versions from 1.0.1 up until 2.29.1, inclusive...