4 matches found
moment: inefficient parsing algorithm resulting in DoS
A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service ReDoS attacks...
moment: inefficient parsing algorithm resulting in DoS
A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service ReDoS attacks...
Moment.js 资源管理错误漏洞
Moment.js is a JavaScript date library. It is used to parse, validate, manipulate and format dates. Moment.js has a security vulnerability that stems from the use of an inefficient parsing algorithm. Users passing user-supplied strings to the moment constructor without sound length checking are...
Remote Code Execution (RCE)
symphonycms/symphony-2 is vulnerable to remote code execution RCE. This is due to a lack of sanitization on user input strings, allowing a malicious user to inject and execute arbitrary script through symphony/content/content.blueprintsdatasources.php...