Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
momentjs moment vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-18214
The moment module prior to 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.
Momentjs Moment
Tenable Nessus
4 Github repositories
6.5
CVSSv3
CVE-2016-4055
The duration function in the moment package prior to 2.11.2 for Node.js allows remote malicious users to cause a denial of service (CPU consumption) via a long string, aka a "regular expression Denial of Service (ReDoS)."
Momentjs Moment
Tenable Nessus
Oracle Primavera Unifier
2 Github repositories
7.5
CVSSv3
CVE-2022-31129
moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried ...
Momentjs Moment
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2022-24785
Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm (server) users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch mom...
Momentjs Moment
Tenable Tenable.sc
Netapp Active Iq -
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2023-22467
Luxon is a library for working with dates and times in JavaScript. On the 1.x branch before 1.38.1, the 2.x branch before 2.5.2, and the 3.x branch on 3.2.1, Luxon's `DateTime.fromRFC2822() has quadratic (N^2) complexity on some specific inputs. This causes a noticeable slow...
Momentjs Luxon
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started