Moment
This hub aggregates every CVE we track for Moment, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
4
CVEs tracked
0
Critical
3
High
0
In CISA KEV
Severity distribution
HIGH3MEDIUM1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 4 most recently published vulnerabilities affecting Moment.
- CVE-2022-31129Inefficient Regular Expression Complexity in moment7.5
- CVE-2022-24785Path Traversal in Moment.js7.5
- CVE-2017-18214The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.7.5
- CVE-2016-4055The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a "regular expression Denial of S...6.5
Product normalization is registry-driven with AI assist and human review. How it works