First published: Sun Mar 04 2018(Updated: )
Node.js moment module is vulnerable to a denial of service. A remote attacker could exploit this vulnerability to cause a low severity regular expression denial of service.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Momentjs Moment | <=2.19.2 | |
Tenable Nessus | <=8.2.3 | |
redhat/moment | <2.19.3 | 2.19.3 |
IBM GDE | <=4.0.0.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2017-18214.
The severity level of CVE-2017-18214 is high.
The affected software for CVE-2017-18214 is Node.js moment module before 2.19.3.
A remote attacker could exploit CVE-2017-18214 to cause a low severity regular expression denial of service.
You can find more information about CVE-2017-18214 at the following references: [Reference 1](https://access.redhat.com/security/cve/CVE-2016-4055), [Reference 2](https://github.com/moment/moment/pull/4326), [Reference 3](https://github.com/moment/moment/issues/4163).