[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2017-18214":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":86,"aliases":87,"duplicate_of":9,"upstream":89,"downstream":90,"duplicates":103,"related":104,"reserved_at":9,"published_at":105,"modified_at":106,"state":107,"summary":108,"references_raw":117,"kevs":165,"epss":166,"epss_history":169,"metrics":433,"affected":445},"CVE-2017-18214","The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-400","Uncontrolled Resource Consumption","The product does not properly control the allocation and maintenance of a limited resource.","weakness","Draft","Class","High",[20,24,82],{"id":21,"name":22,"techniques":23},"CAPEC-147","XML Ping of the Death",[],{"id":25,"name":26,"techniques":27},"CAPEC-227","Sustained Client Engagement",[28],{"id":29,"name":30,"tactics":31,"countermeasures":35},"T1499","Endpoint Denial of Service",[32],{"id":33,"name":34},"TA0105","Impact",[36,41,45,49,53,57,61,65,69,73,78],{"id":37,"name":38,"tactic":39},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":40},"Detect",{"id":42,"name":43,"tactic":44},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":40},{"id":46,"name":47,"tactic":48},"D3-CSPP","Client-server Payload Profiling",{"name":40},{"id":50,"name":51,"tactic":52},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":40},{"id":54,"name":55,"tactic":56},"D3-NTSA","Network Traffic Signature Analysis",{"name":40},{"id":58,"name":59,"tactic":60},"D3-APCA","Application Protocol Command Analysis",{"name":40},{"id":62,"name":63,"tactic":64},"D3-NTCD","Network Traffic Community Deviation",{"name":40},{"id":66,"name":67,"tactic":68},"D3-RTSD","Remote Terminal Session Detection",{"name":40},{"id":70,"name":71,"tactic":72},"D3-ISVA","Inbound Session Volume Analysis",{"name":40},{"id":74,"name":75,"tactic":76},"D3-NTF","Network Traffic Filtering",{"name":77},"Isolate",{"id":79,"name":80,"tactic":81},"D3-ITF","Inbound Traffic Filtering",{"name":77},{"id":83,"name":84,"techniques":85},"CAPEC-492","Regular Expression Exponential Blowup",[],[],[88],"GHSA-446m-mv8f-q348",[],[91,93,95,97,99,101],{"_key":92},"UBUNTU-CVE-2017-18214",{"_key":94},"DEBIAN-CVE-2017-18214",{"_key":96},"USN-4786-1",{"_key":98},"RHSA-2023:0552",{"_key":100},"RHSA-2023:0553",{"_key":102},"RHSA-2023:0554",[],[],"2018-03-04T21:00:00.000Z","2024-08-05T21:13:49.174Z","Modified",{"cisa_kev":109,"cisa_ransomware":109,"cisa_vendor":9,"epss_severity":110,"epss_score":111,"severity":112,"severity_score":113,"severity_version":114,"severity_source":115,"severity_vector":116,"severity_status":107},false,"low",0.0023,"high",7.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[118,128,134,139,144,148,152,156,161],{"url":119,"sources":120,"tags":123},"https://github.com/moment/moment/issues/4163",[121,115,122],"cve.org","osv_npm",[124,125,126,127],"X Refsource CONFIRM","Issue Tracking","Third Party Advisory","WEB",{"url":129,"sources":130,"tags":131},"https://nodesecurity.io/advisories/532",[121,115],[124,132,133],"Not Applicable","URL Repurposed",{"url":135,"sources":136,"tags":137},"https://www.tenable.com/security/tns-2019-02",[121,115,122],[124,138,126,127],"Patch",{"url":140,"sources":141,"tags":142},"https://nvd.nist.gov/vuln/detail/CVE-2017-18214",[122],[143],"Advisory",{"url":145,"sources":146,"tags":147},"https://github.com/moment/moment/pull/4326",[122],[127],{"url":149,"sources":150,"tags":151},"https://github.com/moment/moment/commit/69ed9d44957fa6ab12b73d2ae29d286a857b80eb",[122],[127],{"url":153,"sources":154,"tags":155},"https://github.com/advisories/GHSA-446m-mv8f-q348",[122],[143],{"url":157,"sources":158,"tags":159},"https://github.com/moment/moment",[122],[160],"PACKAGE",{"url":162,"sources":163,"tags":164},"https://www.npmjs.com/advisories/532",[122],[127],[],{"date":167,"score":111,"percentile":168},"2026-06-04",0.45911,[170,174,177,180,183,186,189,192,195,198,201,204,207,210,213,216,219,222,225,228,231,234,237,240,243,246,249,252,256,259,262,265,268,271,274,277,280,283,286,289,292,295,298,301,304,307,310,313,316,319,322,325,328,330,333,336,339,342,345,348,351,354,357,360,362,365,367,370,372,375,377,380,383,386,389,392,395,398,401,403,405,408,411,414,417,419,422,425,427,429],{"date":171,"score":172,"percentile":173},"2025-11-04",0.00322,0.54748,{"date":175,"score":172,"percentile":176},"2025-11-05",0.54712,{"date":178,"score":172,"percentile":179},"2025-11-06",0.54726,{"date":181,"score":172,"percentile":182},"2025-11-07",0.54749,{"date":184,"score":172,"percentile":185},"2025-11-08",0.5475,{"date":187,"score":172,"percentile":188},"2025-11-09",0.54745,{"date":190,"score":172,"percentile":191},"2025-11-10",0.54721,{"date":193,"score":172,"percentile":194},"2025-11-11",0.54735,{"date":196,"score":172,"percentile":197},"2025-11-12",0.5476,{"date":199,"score":172,"percentile":200},"2025-11-13",0.54768,{"date":202,"score":172,"percentile":203},"2025-11-14",0.54767,{"date":205,"score":172,"percentile":206},"2025-11-15",0.54761,{"date":208,"score":172,"percentile":209},"2025-11-16",0.54741,{"date":211,"score":172,"percentile":212},"2025-11-17",0.54728,{"date":214,"score":172,"percentile":215},"2025-11-18",0.52259,{"date":217,"score":172,"percentile":218},"2025-11-19",0.52271,{"date":220,"score":172,"percentile":221},"2025-11-20",0.5226,{"date":223,"score":172,"percentile":224},"2025-11-21",0.54742,{"date":226,"score":172,"percentile":227},"2025-11-22",0.54736,{"date":229,"score":172,"percentile":230},"2025-11-23",0.54704,{"date":232,"score":172,"percentile":233},"2025-11-24",0.54698,{"date":235,"score":172,"percentile":236},"2025-11-25",0.54705,{"date":238,"score":172,"percentile":239},"2025-11-26",0.54709,{"date":241,"score":172,"percentile":242},"2025-11-27",0.54713,{"date":244,"score":172,"percentile":245},"2025-11-28",0.54686,{"date":247,"score":172,"percentile":248},"2025-11-29",0.54669,{"date":250,"score":172,"percentile":251},"2025-11-30",0.54662,{"date":253,"score":254,"percentile":255},"2025-12-01",0.00243,0.47565,{"date":257,"score":254,"percentile":258},"2025-12-02",0.47579,{"date":260,"score":254,"percentile":261},"2025-12-03",0.47572,{"date":263,"score":172,"percentile":264},"2025-12-04",0.54666,{"date":266,"score":172,"percentile":267},"2025-12-05",0.54684,{"date":269,"score":172,"percentile":270},"2025-12-06",0.54683,{"date":272,"score":172,"percentile":273},"2025-12-07",0.54675,{"date":275,"score":172,"percentile":276},"2025-12-08",0.54678,{"date":278,"score":172,"percentile":279},"2025-12-09",0.54695,{"date":281,"score":172,"percentile":282},"2025-12-10",0.54753,{"date":284,"score":172,"percentile":285},"2025-12-11",0.54775,{"date":287,"score":172,"percentile":288},"2025-12-12",0.54803,{"date":290,"score":172,"percentile":291},"2025-12-13",0.54796,{"date":293,"score":172,"percentile":294},"2025-12-14",0.54792,{"date":296,"score":172,"percentile":297},"2025-12-15",0.54783,{"date":299,"score":172,"percentile":300},"2025-12-16",0.54797,{"date":302,"score":172,"percentile":303},"2025-12-17",0.5482,{"date":305,"score":172,"percentile":306},"2025-12-18",0.54858,{"date":308,"score":172,"percentile":309},"2025-12-19",0.54861,{"date":311,"score":172,"percentile":312},"2025-12-20",0.54851,{"date":314,"score":172,"percentile":315},"2025-12-21",0.54828,{"date":317,"score":172,"percentile":318},"2025-12-22",0.54805,{"date":320,"score":172,"percentile":321},"2025-12-23",0.54809,{"date":323,"score":172,"percentile":324},"2025-12-24",0.54818,{"date":326,"score":172,"percentile":327},"2025-12-25",0.54864,{"date":329,"score":172,"percentile":306},"2025-12-26",{"date":331,"score":172,"percentile":332},"2025-12-27",0.54904,{"date":334,"score":172,"percentile":335},"2025-12-28",0.54825,{"date":337,"score":172,"percentile":338},"2025-12-29",0.54808,{"date":340,"score":172,"percentile":341},"2025-12-30",0.54802,{"date":343,"score":172,"percentile":344},"2025-12-31",0.54815,{"date":346,"score":254,"percentile":347},"2026-01-01",0.47698,{"date":349,"score":254,"percentile":350},"2026-01-02",0.47676,{"date":352,"score":254,"percentile":353},"2026-01-03",0.47663,{"date":355,"score":172,"percentile":356},"2026-01-04",0.54787,{"date":358,"score":172,"percentile":359},"2026-01-05",0.54774,{"date":361,"score":172,"percentile":297},"2026-01-06",{"date":363,"score":172,"percentile":364},"2026-01-07",0.54807,{"date":366,"score":172,"percentile":315},"2026-01-08",{"date":368,"score":172,"percentile":369},"2026-01-09",0.54821,{"date":371,"score":172,"percentile":303},"2026-01-10",{"date":373,"score":172,"percentile":374},"2026-01-11",0.54798,{"date":376,"score":172,"percentile":282},"2026-01-12",{"date":378,"score":172,"percentile":379},"2026-01-13",0.54731,{"date":381,"score":172,"percentile":382},"2026-01-14",0.54779,{"date":384,"score":172,"percentile":385},"2026-01-15",0.54781,{"date":387,"score":172,"percentile":388},"2026-01-16",0.54804,{"date":390,"score":172,"percentile":391},"2026-01-17",0.54795,{"date":393,"score":172,"percentile":394},"2026-01-18",0.54788,{"date":396,"score":172,"percentile":397},"2026-01-19",0.54777,{"date":399,"score":172,"percentile":400},"2026-01-20",0.5478,{"date":402,"score":172,"percentile":297},"2026-01-21",{"date":404,"score":172,"percentile":356},"2026-01-22",{"date":406,"score":172,"percentile":407},"2026-01-23",0.5483,{"date":409,"score":172,"percentile":410},"2026-01-24",0.54831,{"date":412,"score":172,"percentile":413},"2026-01-25",0.54791,{"date":415,"score":172,"percentile":416},"2026-01-26",0.54776,{"date":418,"score":172,"percentile":394},"2026-01-27",{"date":420,"score":172,"percentile":421},"2026-01-28",0.54801,{"date":423,"score":172,"percentile":424},"2026-01-29",0.548,{"date":426,"score":172,"percentile":318},"2026-01-30",{"date":428,"score":172,"percentile":321},"2026-01-31",{"date":430,"score":431,"percentile":432},"2026-02-01",0.00235,0.46304,[434,443],{"source":115,"cvss_v2_0":435,"cvss_v3_0":9,"cvss_v3_1":440,"cvss_v4_0":9},{"baseScore":436,"baseSeverity":9,"vectorString":437,"impactScore":438,"exploitabilityScore":439},5,"AV:N/AC:L/Au:N/C:N/I:N/A:P",2.9,10,{"baseScore":113,"baseSeverity":441,"vectorString":116,"impactScore":442,"exploitabilityScore":439},"HIGH",6,{"source":122,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":444,"cvss_v4_0":9},{"baseScore":113,"baseSeverity":9,"vectorString":116,"impactScore":442,"exploitabilityScore":439},[446,457,466],{"ecosystem":9,"name":447,"vendor":448,"product":447,"cpe_part":449,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":450},"moment","momentjs","a",[451],{"version":452,"is_range":453,"range_type":454,"version_start":9,"version_start_type":9,"version_end":455,"version_end_type":456,"fixed_in":9},"lte2.19.2",true,"cpe","2.19.2","including",{"ecosystem":458,"name":447,"vendor":458,"product":447,"cpe_part":9,"purl_type":459,"purl_namespace":9,"purl_name":447,"source":9,"versions":460},"Npm","npm",[461],{"version":462,"is_range":453,"range_type":463,"version_start":9,"version_start_type":9,"version_end":464,"version_end_type":465,"fixed_in":9},"lt2_19_3","semver","2.19.3","excluding",{"ecosystem":9,"name":467,"vendor":468,"product":467,"cpe_part":449,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":469},"nessus","tenable",[470],{"version":471,"is_range":453,"range_type":454,"version_start":9,"version_start_type":9,"version_end":472,"version_end_type":456,"fixed_in":9},"lte8.2.3","8.2.3"]