15 matches found
Azure Linux 3.0 Security Update: ntopng / reaper (CVE-2017-18214)
The version of ntopng / reaper installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2017-18214 advisory. - The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via ...
CVE-2017-18214 affecting package ntopng for versions less than 5.2.1-4
CVE-2017-18214 affecting package ntopng for versions less than 5.2.1-4. A patched version of the package is available...
CVE-2017-18214 affecting package reaper for versions less than 3.1.1-10
CVE-2017-18214 affecting package reaper for versions less than 3.1.1-10. A patched version of the package is available...
Security Bulletin: Multiple vulnerabilities in moment.js affect IBM Storage Scale
Summary There are multiple vulnerabilities in moment.js, used by IBM Storage Scale HDFS transparency, which can cause a denial of service or allow a remote attacker to traverse directories on the system. CVE-2017-18214, CVE-2022-24785, CVE-2016-4055, CVE-2022-31129. Vulnerability Details...
Ubuntu 16.04 ESM : Moment.js vulnerabilities (USN-4786-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4786-1 advisory. It was discovered that Moment.js mishandled certain regular expressions. An attacker could use this vulnerability to cause a denial of service. Tenable h...
SUSE CVE-2017-18214
The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055...
Atlassian Jira < 8.20.9 / 8.22.0 (JRASERVER-73244)
The version of Atlassian Jira installed on the remote host is prior to 8.20.9 / 8.22.0. It is, therefore, affected by a vulnerability as referenced in the JRASERVER-73244 advisory. - Outdated Moment.js in Jira Server CVE-2017-18214, CVE-2016-4055 CVE-2017-18214 Note that Nessus has not tested for...
Upgrade Moment.js to 2.22.1+ as required for CVE-2017-18214, CVE-2016-4055
Affected versions of Atlassian Jira Server and Data Center used versions of Moment.js that were vulnerable to CVE-2017-18214 and CVE-2016-4055. The affected versions of Atlassian Jira Server and Data Center are before version 8.22.0. Affected versions: version 8.22.0 Fixed versions: 9.3.1/9.4.0...
Tenable Nessus < 8.3.0 Multiple Vulnerabilities (TNS-2019-02)
Tenable Nessus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"; ifdescripti...
Tenable Nessus < 8.3.0 Multiple Vulnerabilities (TNS-2019-02)
According to its self-reported version, the Tenable Nessus application running on the remote host is prior to 8.3.0. It is, therefore, affected by: - An information disclosure vulnerability exists in OpenSSL. A remote attacker may be able to obtain sensitive information, caused by the failure to...
UBUNTU-CVE-2017-18214
The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055...
CVE-2017-18214
The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055...
CVE-2017-18214
The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055...
CVE-2017-18214
CVE-2017-18214 affects the Moment.js Node.js module prior to 2.19.3, enabling a regular-expression denial-of-service (ReDoS) via a crafted date string. The issue is described as a separate vulnerability from CVE-2016-4055, with practical risk being CPU exhaustion leading to potential denial of se...
CVE-2017-18214
The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055...