Executive Summary

Informations
NameCVE-2017-18214First vendor Publication2018-03-04
VendorCveLast vendor Modification2019-03-27

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18214

CWE : Common Weakness Enumeration

%idName
100 %CWE-400Uncontrolled Resource Consumption ('Resource Exhaustion')

CPE : Common Platform Enumeration

TypeDescriptionCount
Application2
Application91

Sources (Detail)

SourceUrl
CONFIRM https://github.com/moment/moment/issues/4163
https://nodesecurity.io/advisories/532
https://www.tenable.com/security/tns-2019-02

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
DateInformations
2019-07-30 12:09:30
  • Multiple Updates
2019-07-06 12:01:58
  • Multiple Updates
2019-07-04 12:08:47
  • Multiple Updates
2019-03-27 21:19:29
  • Multiple Updates
2019-03-27 09:19:13
  • Multiple Updates
2018-03-26 21:20:19
  • Multiple Updates
2018-03-05 05:18:42
  • First insertion