CVE-2017-18214
Published Mar 4, 2018
·Updated
Node.js moment module is vulnerable to a denial of service. A remote attacker could exploit this vulnerability to cause a low severity regular expression denial of service.
Affected Software
3 affected componentsFixes available
Momentjs Moment Node.js<=2.19.2
Tenable Nessus<=8.2.3
redhat/moment<2.19.3
2.19.3
Remediation
Patch Available
Event History
Mar 4, 2018
CVE Published
via MITRE·09:00 PM
Data Sourced
via MITRE·09:00 PM
Description
Mar 8, 2018
Data Sourced
via Red Hat·07:54 PM
DescriptionSeverityAffected Software
Sep 6, 2022
Data Sourced
via IBM·12:00 AM
DescriptionSeverityAffected Software
Frequently Asked Questions
1
What is the vulnerability ID for this issue?
The vulnerability ID is CVE-2017-18214.
2
What is the severity level of CVE-2017-18214?
The severity level of CVE-2017-18214 is high.
3
What is the affected software for CVE-2017-18214?
The affected software for CVE-2017-18214 is Node.js moment module before 2.19.3.
4
How can a remote attacker exploit CVE-2017-18214?
A remote attacker could exploit CVE-2017-18214 to cause a low severity regular expression denial of service.
5
Where can I find more information about CVE-2017-18214?
You can find more information about CVE-2017-18214 at the following references: [Reference 1](https://access.redhat.com/security/cve/CVE-2016-4055), [Reference 2](https://github.com/moment/moment/pull/4326), [Reference 3](https://github.com/moment/moment/issues/4163).