The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.
References
Link | Resource |
---|---|
https://github.com/moment/moment/issues/4163 | Issue Tracking Third Party Advisory |
https://nodesecurity.io/advisories/532 | Not Applicable URL Repurposed |
https://www.tenable.com/security/tns-2019-02 | Patch Third Party Advisory |
Configurations
History
14 Feb 2022, 18:03
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://nodesecurity.io/advisories/532 - Not Applicable, URL Repurposed |
Information
Published : 2018-03-04 21:29
Updated : 2024-02-04 19:46
NVD link : CVE-2017-18214
Mitre link : CVE-2017-18214
CVE.ORG link : CVE-2017-18214
JSON object : View
Products Affected
tenable
- nessus
momentjs
- moment
CWE
CWE-400
Uncontrolled Resource Consumption