All vulnerabilities

CVE-2017-18214

Regular Expression Denial of Service in moment

Description

Affected versions of moment are vulnerable to a low severity regular expression denial of service when parsing dates as strings.

Recommendation

Update to version 2.19.3 or later.

Patch Available

Fix available through Seal Security. No upgrade required, protect your application instantly.

Fix without upgrading
Score
7.5
Severity
High
Ecosystem
JavaScript
Publish Date
March 5, 2018
Modified Date
November 7, 2023
Score Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Versions