All vulnerabilities
CVE-2017-18214
Regular Expression Denial of Service in moment
Description
Affected versions of moment are vulnerable to a low severity regular expression denial of service when parsing dates as strings.
Recommendation
Update to version 2.19.3 or later.
Patch Available
Fix available through Seal Security. No upgrade required, protect your application instantly.
Fix without upgrading
Score
7.5
Severity
High
Ecosystem
JavaScript
Publish Date
March 5, 2018
Modified Date
November 7, 2023
Score Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Versions

