CVE-2017-18214

Published March 4th, 2018

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

MEDIUM

Affected

PROJECT

Description

The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.

moment/moment

Parse, validate, manipulate, and display dates in javascript.

GitHub

48K