Regular Expression Denial of Service

Module: moment

Published: November 27th, 2017

Reported by: Cristian-Alexandru Staicu

CVE-NONE

CWE-

Vulnerable: <2.19.3
Patched: >=2.19.3

Overview

Moment is vulnerable to a low severity regular expression denial of service vulnerability.

Remediation

Update to version 2.19.3

References

Sign up FREE for
nsp Continuous Security

Free for open source and the first private repo,
then just $1/mo per private repo