Lucene search
K

5 matches found

vulnersOsv
vulnersOsv
added 2020/09/04 4:55 p.m.4 views

@conga/framework-dashboard (>=2.0.0 <=2.1.0), @dsbn/vue-auth (=0.0.1) +28 more potentially affected by unknown CVE via vue-moment (>=1.0.8 <=4.0.0)

vue-moment NPM version =1.0.8, =2.0.0, =1.0.3, =1.0.0, =1.0.40, =1.0.1, =0.0.1, =0.0.1, =6.1.0, =0.3.3, =0.1.2, =1.0.0, =1.0.3 and more Source cves: unknown CVE Source advisory: OSV:GHSA-HRPP-F84W-XHFG...

5.5AI score
Exploits0
Github Security Blog
Github Security Blog
added 2020/09/04 4:55 p.m.22 views

Outdated Static Dependency in vue-moment

Versions of vue-moment prior to 4.1.0 contain an Outdated Static Dependency. The package depends on moment and has it loaded statically instead of as a dependency that can be updated. It has [email protected] that contains a Regular Expression Denial of Service vulnerability. Recommendation Upgrade t...

5AI score
Exploits0References5Affected Software1
OSV
OSV
added 2020/09/04 4:55 p.m.17 views

GHSA-HRPP-F84W-XHFG Outdated Static Dependency in vue-moment

Versions of vue-moment prior to 4.1.0 contain an Outdated Static Dependency. The package depends on moment and has it loaded statically instead of as a dependency that can be updated. It has [email protected] that contains a Regular Expression Denial of Service vulnerability. Recommendation Upgrade t...

5.3CVSS7AI score
Exploits0References5
Veracode
Veracode
added 2019/12/24 6:7 a.m.11 views

Regular Expression Denial Of Service (ReDoS)

vue-moment is vulnerable to regular expression denial of service ReDoS attacks. These attacks are possible because it has a vulnerable static dependency which uses a flawed regular expression taking long time in matching dates for long strings...

2.9AI score
Exploits0
Node.js
Node.js
added 2019/12/06 8:7 p.m.18 views

Outdated Static Dependency

Overview Versions of vue-moment prior to 4.1.0 contain an Outdated Static Dependency. The package depends on moment and has it loaded statically instead of as a dependency that can be updated. It has [email protected] that contains a Regular Expression Denial of Service vulnerability. Recommendation...

6.8AI score
Exploits0Affected Software1
Rows per page
Query Builder