Lucene search
K

11 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in node-moment

Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability affects users of Moment.js on npm server versions between 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch the moment locale...

7.5CVSS6.5AI score0.05664EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-1677

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.05664EPSS
Exploits0References35
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/22 10:57 a.m.7 views

Security Bulletin: Vulnerability in moment.js affects IBM Integrated Analytics System [CVE-2022-31129]

Summary The moment.js package is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addresed the applicable CVE CVE-2022-31129. Vulnerability Details CVEID:CVE-2022-31129 DESCRIPTION: moment is a JavaScript date library for parsing, validating, manipulating, and formatti...

7.5CVSS6.6AI score0.04923EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/04 9:22 p.m.29 views

Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to Path Traversal in Moment.js (CVE-2022-24785)

Summary Moment.js is used by IBM Storage Fusion Data Foundation in noobaa-core-container and Ceph as part of Storage. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data Foundation. CVE-2022-24785. Vulnerability Details CVEID:CVE-2022-24785...

7.5CVSS7AI score0.05664EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2023/01/31 1:18 p.m.6 views

nodejs-moment: Regular expression denial of service

The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055...

7.5CVSS7.3AI score0.03673EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/11/28 2:39 p.m.5 views

moment: inefficient parsing algorithm resulting in DoS

A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service ReDoS attacks...

7.5CVSS6.8AI score0.04923EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2022/08/31 4:58 p.m.4 views

moment: inefficient parsing algorithm resulting in DoS

A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service ReDoS attacks...

7.5CVSS6.8AI score0.04923EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2022/08/31 3:0 p.m.2 views

moment: inefficient parsing algorithm resulting in DoS

A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service ReDoS attacks...

7.5CVSS6.8AI score0.04923EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2022/04/04 12:0 a.m.7 views

CVE-2022-24785 Path Traversal in Moment.js

Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm server users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This...

7.5CVSS7.5AI score0.05664EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2022/04/04 12:0 a.m.5 views

PT-2022-16878

Name of the Vulnerable Software and Affected Versions Moment.js versions 1.0.1 through 2.29.1 Description A path traversal vulnerability impacts npm server users of Moment.js, especially if a user-provided locale string is directly used to switch moment locale. This issue allows an unauthenticate...

7.8CVSS7.3AI score0.05664EPSS
Exploits0References64
Tenable Nessus
Tenable Nessus
added 2018/11/05 12:0 a.m.35 views

Moment.js < 2.19.3 Regular Expression Denial of Service

According to its self-reported version number, Moment.js is prior to 2.19.3. Therefore, it may be affected by a regular expression denial of service vulnerability when parsing dates as string. Note that the scanner has not tested for these issues but has instead relied only on the application's...

7.5CVSS7.2AI score0.03673EPSS
Exploits0References2
Rows per page
Query Builder