Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-ptd4-8f7f-hyg6
Summary
Moment.js vulnerable to Inefficient Regular Expression Complexity
### Impact

* using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs
* noticeable slowdown is observed with inputs above 10k characters
* users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks

### Patches
The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking.

### Workarounds
In general, given the proliferation of ReDoS attacks, it makes sense to limit the length of the user input to something sane, like 200 characters or less. I haven't seen legitimate cases of date-time strings longer than that, so all moment users who do pass a user-originating string to constructor are encouraged to apply such a rudimentary filter, that would help with this but also most future ReDoS vulnerabilities.

### References
There is an excellent writeup of the issue here: https://github.com/moment/moment/pull/6015#issuecomment-1152961973=

### Details
The issue is rooted in the code that removes legacy comments (stuff inside parenthesis) from strings during rfc2822 parsing. `moment("(".repeat(500000))` will take a few minutes to process, which is unacceptable.
Aliases
0
alias CVE-2022-31129
1
alias GHSA-wc69-rhjr-hc9g
Fixed_packages
0
url pkg:deb/debian/node-moment@2.29.1%2Bds-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/node-moment@2.29.1%2Bds-2%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-moment@2.29.1%252Bds-2%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/node-moment@2.29.1%2Bds-2%2Bdeb11u2
purl pkg:deb/debian/node-moment@2.29.1%2Bds-2%2Bdeb11u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-moment@2.29.1%252Bds-2%252Bdeb11u2
2
url pkg:deb/debian/node-moment@2.29.4%2Bds-1?distro=trixie
purl pkg:deb/debian/node-moment@2.29.4%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-moment@2.29.4%252Bds-1%3Fdistro=trixie
3
url pkg:deb/debian/node-moment@2.30.1%2Bds-1?distro=trixie
purl pkg:deb/debian/node-moment@2.30.1%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-moment@2.30.1%252Bds-1%3Fdistro=trixie
4
url pkg:npm/moment@2.29.4
purl pkg:npm/moment@2.29.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.29.4
5
url pkg:nuget/Moment.js@2.29.4
purl pkg:nuget/Moment.js@2.29.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.29.4
Affected_packages
0
url pkg:deb/debian/node-moment@2.16.0%2Bds-1
purl pkg:deb/debian/node-moment@2.16.0%2Bds-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cjwf-nuwg-4yc2
1
vulnerability VCID-kexn-gjxj-uudm
2
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-moment@2.16.0%252Bds-1
1
url pkg:deb/debian/node-moment@2.17.1%2Bds-1~bpo8%2B1
purl pkg:deb/debian/node-moment@2.17.1%2Bds-1~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cjwf-nuwg-4yc2
1
vulnerability VCID-kexn-gjxj-uudm
2
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-moment@2.17.1%252Bds-1~bpo8%252B1
2
url pkg:deb/debian/node-moment@2.17.1%2Bds-1
purl pkg:deb/debian/node-moment@2.17.1%2Bds-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cjwf-nuwg-4yc2
1
vulnerability VCID-kexn-gjxj-uudm
2
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-moment@2.17.1%252Bds-1
3
url pkg:deb/debian/node-moment@2.24.0%2Bds-1
purl pkg:deb/debian/node-moment@2.24.0%2Bds-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-moment@2.24.0%252Bds-1
4
url pkg:deb/debian/node-moment@2.29.1%2Bds-2
purl pkg:deb/debian/node-moment@2.29.1%2Bds-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-moment@2.29.1%252Bds-2
5
url pkg:npm/moment@2.18.0
purl pkg:npm/moment@2.18.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cjwf-nuwg-4yc2
1
vulnerability VCID-gtht-4h82-pqg4
2
vulnerability VCID-kexn-gjxj-uudm
3
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.18.0
6
url pkg:npm/moment@2.18.1
purl pkg:npm/moment@2.18.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cjwf-nuwg-4yc2
1
vulnerability VCID-gtht-4h82-pqg4
2
vulnerability VCID-kexn-gjxj-uudm
3
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.18.1
7
url pkg:npm/moment@2.19.0
purl pkg:npm/moment@2.19.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cjwf-nuwg-4yc2
1
vulnerability VCID-gtht-4h82-pqg4
2
vulnerability VCID-kexn-gjxj-uudm
3
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.19.0
8
url pkg:npm/moment@2.19.1
purl pkg:npm/moment@2.19.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cjwf-nuwg-4yc2
1
vulnerability VCID-gtht-4h82-pqg4
2
vulnerability VCID-kexn-gjxj-uudm
3
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.19.1
9
url pkg:npm/moment@2.19.2
purl pkg:npm/moment@2.19.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cjwf-nuwg-4yc2
1
vulnerability VCID-gtht-4h82-pqg4
2
vulnerability VCID-kexn-gjxj-uudm
3
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.19.2
10
url pkg:npm/moment@2.19.3
purl pkg:npm/moment@2.19.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.19.3
11
url pkg:npm/moment@2.19.4
purl pkg:npm/moment@2.19.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.19.4
12
url pkg:npm/moment@2.20.0
purl pkg:npm/moment@2.20.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.20.0
13
url pkg:npm/moment@2.20.1
purl pkg:npm/moment@2.20.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.20.1
14
url pkg:npm/moment@2.21.0
purl pkg:npm/moment@2.21.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.21.0
15
url pkg:npm/moment@2.22.0
purl pkg:npm/moment@2.22.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.22.0
16
url pkg:npm/moment@2.22.1
purl pkg:npm/moment@2.22.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.22.1
17
url pkg:npm/moment@2.22.2
purl pkg:npm/moment@2.22.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.22.2
18
url pkg:npm/moment@2.23.0
purl pkg:npm/moment@2.23.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.23.0
19
url pkg:npm/moment@2.24.0
purl pkg:npm/moment@2.24.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.24.0
20
url pkg:npm/moment@2.25.0
purl pkg:npm/moment@2.25.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.25.0
21
url pkg:npm/moment@2.25.1
purl pkg:npm/moment@2.25.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.25.1
22
url pkg:npm/moment@2.25.2
purl pkg:npm/moment@2.25.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.25.2
23
url pkg:npm/moment@2.25.3
purl pkg:npm/moment@2.25.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.25.3
24
url pkg:npm/moment@2.26.0
purl pkg:npm/moment@2.26.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.26.0
25
url pkg:npm/moment@2.27.0
purl pkg:npm/moment@2.27.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.27.0
26
url pkg:npm/moment@2.28.0
purl pkg:npm/moment@2.28.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.28.0
27
url pkg:npm/moment@2.29.0
purl pkg:npm/moment@2.29.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.29.0
28
url pkg:npm/moment@2.29.1
purl pkg:npm/moment@2.29.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.29.1
29
url pkg:npm/moment@2.29.2
purl pkg:npm/moment@2.29.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.29.2
30
url pkg:npm/moment@2.29.3
purl pkg:npm/moment@2.29.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/moment@2.29.3
31
url pkg:nuget/Moment.js@2.18.0
purl pkg:nuget/Moment.js@2.18.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.18.0
32
url pkg:nuget/Moment.js@2.18.1
purl pkg:nuget/Moment.js@2.18.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.18.1
33
url pkg:nuget/Moment.js@2.18.2
purl pkg:nuget/Moment.js@2.18.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.18.2
34
url pkg:nuget/Moment.js@2.19.0
purl pkg:nuget/Moment.js@2.19.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.19.0
35
url pkg:nuget/Moment.js@2.19.1
purl pkg:nuget/Moment.js@2.19.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.19.1
36
url pkg:nuget/Moment.js@2.19.2
purl pkg:nuget/Moment.js@2.19.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.19.2
37
url pkg:nuget/Moment.js@2.19.3
purl pkg:nuget/Moment.js@2.19.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.19.3
38
url pkg:nuget/Moment.js@2.19.4
purl pkg:nuget/Moment.js@2.19.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.19.4
39
url pkg:nuget/Moment.js@2.20.0
purl pkg:nuget/Moment.js@2.20.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.20.0
40
url pkg:nuget/Moment.js@2.20.1
purl pkg:nuget/Moment.js@2.20.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.20.1
41
url pkg:nuget/Moment.js@2.21.0
purl pkg:nuget/Moment.js@2.21.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.21.0
42
url pkg:nuget/Moment.js@2.22.0
purl pkg:nuget/Moment.js@2.22.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.22.0
43
url pkg:nuget/Moment.js@2.22.1
purl pkg:nuget/Moment.js@2.22.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.22.1
44
url pkg:nuget/Moment.js@2.22.2
purl pkg:nuget/Moment.js@2.22.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.22.2
45
url pkg:nuget/Moment.js@2.23.0
purl pkg:nuget/Moment.js@2.23.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.23.0
46
url pkg:nuget/Moment.js@2.24.0
purl pkg:nuget/Moment.js@2.24.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.24.0
47
url pkg:nuget/Moment.js@2.25.0
purl pkg:nuget/Moment.js@2.25.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.25.0
48
url pkg:nuget/Moment.js@2.25.1
purl pkg:nuget/Moment.js@2.25.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.25.1
49
url pkg:nuget/Moment.js@2.25.2
purl pkg:nuget/Moment.js@2.25.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.25.2
50
url pkg:nuget/Moment.js@2.26.0
purl pkg:nuget/Moment.js@2.26.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.26.0
51
url pkg:nuget/Moment.js@2.27.0
purl pkg:nuget/Moment.js@2.27.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.27.0
52
url pkg:nuget/Moment.js@2.28.0
purl pkg:nuget/Moment.js@2.28.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.28.0
53
url pkg:nuget/Moment.js@2.29.0
purl pkg:nuget/Moment.js@2.29.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.29.0
54
url pkg:nuget/Moment.js@2.29.1
purl pkg:nuget/Moment.js@2.29.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.29.1
55
url pkg:nuget/Moment.js@2.29.2
purl pkg:nuget/Moment.js@2.29.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.29.2
56
url pkg:nuget/Moment.js@2.29.3
purl pkg:nuget/Moment.js@2.29.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/Moment.js@2.29.3
57
url pkg:rpm/redhat/ceph@2:17.2.6-70?arch=el9cp
purl pkg:rpm/redhat/ceph@2:17.2.6-70?arch=el9cp
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ptd4-8f7f-hyg6
1
vulnerability VCID-zhc9-ck6c-r7es
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ceph@2:17.2.6-70%3Farch=el9cp
58
url pkg:rpm/redhat/cockpit-ovirt@0.16.2-1?arch=el8ev
purl pkg:rpm/redhat/cockpit-ovirt@0.16.2-1?arch=el8ev
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cockpit-ovirt@0.16.2-1%3Farch=el8ev
59
url pkg:rpm/redhat/grafana@5.2.4-6?arch=el7rhgs
purl pkg:rpm/redhat/grafana@5.2.4-6?arch=el7rhgs
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/grafana@5.2.4-6%3Farch=el7rhgs
60
url pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.5-1?arch=el8ev
purl pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.5-1?arch=el8ev
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ovirt-engine-ui-extensions@1.3.5-1%3Farch=el8ev
61
url pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1?arch=el7sso
purl pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1?arch=el7sso
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xyb-g3n4-n3ca
1
vulnerability VCID-3s9f-prpy-hbcx
2
vulnerability VCID-4nu3-fknt-puej
3
vulnerability VCID-4v1f-kt5y-w7d1
4
vulnerability VCID-5618-53yg-8qh4
5
vulnerability VCID-6354-p39b-zbhp
6
vulnerability VCID-7j7q-m1zp-zfac
7
vulnerability VCID-9h46-72hw-bkcr
8
vulnerability VCID-cvxp-ctj9-guej
9
vulnerability VCID-dmkc-42vj-gbhc
10
vulnerability VCID-dxj3-8sk5-mfdy
11
vulnerability VCID-ebn8-cjqs-k3ad
12
vulnerability VCID-gp47-t3vm-57an
13
vulnerability VCID-hbwg-ebvx-k7e1
14
vulnerability VCID-kexn-gjxj-uudm
15
vulnerability VCID-mm3e-4pej-byed
16
vulnerability VCID-myp4-24sf-9yfv
17
vulnerability VCID-netd-rr9e-wbg5
18
vulnerability VCID-ptd4-8f7f-hyg6
19
vulnerability VCID-qxfs-sq38-jfad
20
vulnerability VCID-sqx4-euc2-myew
21
vulnerability VCID-turp-dju7-c7fx
22
vulnerability VCID-v2pq-1qhm-4qb9
23
vulnerability VCID-vfsr-kypp-wbea
24
vulnerability VCID-wp9q-eurd-43dx
25
vulnerability VCID-xy58-u3se-wfdb
26
vulnerability VCID-xzs8-rbhd-mkbp
27
vulnerability VCID-y1np-kma2-ayfn
28
vulnerability VCID-y3ey-aab7-q3fk
29
vulnerability VCID-y8up-mkx2-abcn
30
vulnerability VCID-y9aa-2a31-ufa7
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1%3Farch=el7sso
62
url pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1?arch=el9sso
purl pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1?arch=el9sso
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xyb-g3n4-n3ca
1
vulnerability VCID-3s9f-prpy-hbcx
2
vulnerability VCID-4nu3-fknt-puej
3
vulnerability VCID-4v1f-kt5y-w7d1
4
vulnerability VCID-5618-53yg-8qh4
5
vulnerability VCID-6354-p39b-zbhp
6
vulnerability VCID-7j7q-m1zp-zfac
7
vulnerability VCID-9h46-72hw-bkcr
8
vulnerability VCID-cvxp-ctj9-guej
9
vulnerability VCID-dmkc-42vj-gbhc
10
vulnerability VCID-dxj3-8sk5-mfdy
11
vulnerability VCID-ebn8-cjqs-k3ad
12
vulnerability VCID-gp47-t3vm-57an
13
vulnerability VCID-hbwg-ebvx-k7e1
14
vulnerability VCID-kexn-gjxj-uudm
15
vulnerability VCID-mm3e-4pej-byed
16
vulnerability VCID-myp4-24sf-9yfv
17
vulnerability VCID-netd-rr9e-wbg5
18
vulnerability VCID-ptd4-8f7f-hyg6
19
vulnerability VCID-qxfs-sq38-jfad
20
vulnerability VCID-sqx4-euc2-myew
21
vulnerability VCID-turp-dju7-c7fx
22
vulnerability VCID-v2pq-1qhm-4qb9
23
vulnerability VCID-vfsr-kypp-wbea
24
vulnerability VCID-wp9q-eurd-43dx
25
vulnerability VCID-xy58-u3se-wfdb
26
vulnerability VCID-xzs8-rbhd-mkbp
27
vulnerability VCID-y1np-kma2-ayfn
28
vulnerability VCID-y3ey-aab7-q3fk
29
vulnerability VCID-y8up-mkx2-abcn
30
vulnerability VCID-y9aa-2a31-ufa7
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1%3Farch=el9sso
63
url pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1?arch=el8sso
purl pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1?arch=el8sso
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xyb-g3n4-n3ca
1
vulnerability VCID-3s9f-prpy-hbcx
2
vulnerability VCID-4nu3-fknt-puej
3
vulnerability VCID-4v1f-kt5y-w7d1
4
vulnerability VCID-5618-53yg-8qh4
5
vulnerability VCID-6354-p39b-zbhp
6
vulnerability VCID-7j7q-m1zp-zfac
7
vulnerability VCID-9h46-72hw-bkcr
8
vulnerability VCID-cvxp-ctj9-guej
9
vulnerability VCID-dmkc-42vj-gbhc
10
vulnerability VCID-dxj3-8sk5-mfdy
11
vulnerability VCID-ebn8-cjqs-k3ad
12
vulnerability VCID-gp47-t3vm-57an
13
vulnerability VCID-hbwg-ebvx-k7e1
14
vulnerability VCID-kexn-gjxj-uudm
15
vulnerability VCID-mm3e-4pej-byed
16
vulnerability VCID-myp4-24sf-9yfv
17
vulnerability VCID-netd-rr9e-wbg5
18
vulnerability VCID-ptd4-8f7f-hyg6
19
vulnerability VCID-qxfs-sq38-jfad
20
vulnerability VCID-sqx4-euc2-myew
21
vulnerability VCID-turp-dju7-c7fx
22
vulnerability VCID-v2pq-1qhm-4qb9
23
vulnerability VCID-vfsr-kypp-wbea
24
vulnerability VCID-wp9q-eurd-43dx
25
vulnerability VCID-xy58-u3se-wfdb
26
vulnerability VCID-xzs8-rbhd-mkbp
27
vulnerability VCID-y1np-kma2-ayfn
28
vulnerability VCID-y3ey-aab7-q3fk
29
vulnerability VCID-y8up-mkx2-abcn
30
vulnerability VCID-y9aa-2a31-ufa7
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-sso7-keycloak@18.0.6-1.redhat_00001.1%3Farch=el8sso
64
url pkg:rpm/redhat/servicemesh-prometheus@2.14.0-18.el8?arch=1
purl pkg:rpm/redhat/servicemesh-prometheus@2.14.0-18.el8?arch=1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kexn-gjxj-uudm
1
vulnerability VCID-ptd4-8f7f-hyg6
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/servicemesh-prometheus@2.14.0-18.el8%3Farch=1
65
url pkg:rpm/redhat/servicemesh-prometheus@2.23.0-9?arch=el8
purl pkg:rpm/redhat/servicemesh-prometheus@2.23.0-9?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dsm8-ck8e-wfdh
1
vulnerability VCID-k4dy-pv3f-4qas
2
vulnerability VCID-kexn-gjxj-uudm
3
vulnerability VCID-mnxk-x51q-wkfp
4
vulnerability VCID-ptd4-8f7f-hyg6
5
vulnerability VCID-yzsx-6acm-kkb6
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/servicemesh-prometheus@2.23.0-9%3Farch=el8
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31129.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31129.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31129
reference_id
reference_type
scores
0
value 0.03435
scoring_system epss
scoring_elements 0.87496
published_at 2026-04-18T12:55:00Z
1
value 0.03435
scoring_system epss
scoring_elements 0.87433
published_at 2026-04-02T12:55:00Z
2
value 0.03435
scoring_system epss
scoring_elements 0.87487
published_at 2026-04-11T12:55:00Z
3
value 0.03435
scoring_system epss
scoring_elements 0.87475
published_at 2026-04-09T12:55:00Z
4
value 0.03435
scoring_system epss
scoring_elements 0.87448
published_at 2026-04-04T12:55:00Z
5
value 0.03435
scoring_system epss
scoring_elements 0.87449
published_at 2026-04-07T12:55:00Z
6
value 0.03435
scoring_system epss
scoring_elements 0.87469
published_at 2026-04-08T12:55:00Z
7
value 0.03435
scoring_system epss
scoring_elements 0.87494
published_at 2026-04-16T12:55:00Z
8
value 0.03435
scoring_system epss
scoring_elements 0.87479
published_at 2026-04-13T12:55:00Z
9
value 0.03435
scoring_system epss
scoring_elements 0.87482
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31129
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31129
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31129
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/moment/moment
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moment/moment
5
reference_url https://github.com/moment/moment/commit/9a3b5894f3d5d602948ac8a02e4ee528a49ca3a3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://github.com/moment/moment/commit/9a3b5894f3d5d602948ac8a02e4ee528a49ca3a3
6
reference_url https://github.com/moment/moment/pull/6015/commits/4bbb9f3ccbe231de40207503f344fe5ce97584f4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moment/moment/pull/6015/commits/4bbb9f3ccbe231de40207503f344fe5ce97584f4
7
reference_url https://github.com/moment/moment/pull/6015/commits/bfd4f2375d5c1a2106246721d693a9611dddfbfe
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moment/moment/pull/6015/commits/bfd4f2375d5c1a2106246721d693a9611dddfbfe
8
reference_url https://github.com/moment/moment/pull/6015/commits/dc0d180e90d8a84f7ff13572363330a22b3ea504
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/moment/moment/pull/6015/commits/dc0d180e90d8a84f7ff13572363330a22b3ea504
9
reference_url https://github.com/moment/moment/pull/6015#issuecomment-1152961973
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://github.com/moment/moment/pull/6015#issuecomment-1152961973
10
reference_url https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g
11
reference_url https://huntr.dev/bounties/f0952b67-f2ff-44a9-a9cd-99e0a87cb633
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://huntr.dev/bounties/f0952b67-f2ff-44a9-a9cd-99e0a87cb633
12
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-31129
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-31129
22
reference_url https://security.netapp.com/advisory/ntap-20221014-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20221014-0003
23
reference_url https://security.netapp.com/advisory/ntap-20241108-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20241108-0002
24
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014845
reference_id 1014845
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014845
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2105075
reference_id 2105075
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2105075
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/
reference_id 6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/
27
reference_url https://huntr.dev/bounties/f0952b67-f2ff-44a9-a9cd-99e0a87cb633/
reference_id f0952b67-f2ff-44a9-a9cd-99e0a87cb633
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://huntr.dev/bounties/f0952b67-f2ff-44a9-a9cd-99e0a87cb633/
28
reference_url https://github.com/advisories/GHSA-wc69-rhjr-hc9g
reference_id GHSA-wc69-rhjr-hc9g
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wc69-rhjr-hc9g
29
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O/
reference_id IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O/
30
reference_url https://security.netapp.com/advisory/ntap-20221014-0003/
reference_id ntap-20221014-0003
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://security.netapp.com/advisory/ntap-20221014-0003/
31
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/
reference_id ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/
32
reference_url https://access.redhat.com/errata/RHSA-2022:5913
reference_id RHSA-2022:5913
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5913
33
reference_url https://access.redhat.com/errata/RHSA-2022:5914
reference_id RHSA-2022:5914
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5914
34
reference_url https://access.redhat.com/errata/RHSA-2022:5915
reference_id RHSA-2022:5915
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5915
35
reference_url https://access.redhat.com/errata/RHSA-2022:6156
reference_id RHSA-2022:6156
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6156
36
reference_url https://access.redhat.com/errata/RHSA-2022:6271
reference_id RHSA-2022:6271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6271
37
reference_url https://access.redhat.com/errata/RHSA-2022:6272
reference_id RHSA-2022:6272
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6272
38
reference_url https://access.redhat.com/errata/RHSA-2022:6277
reference_id RHSA-2022:6277
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6277
39
reference_url https://access.redhat.com/errata/RHSA-2022:6392
reference_id RHSA-2022:6392
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6392
40
reference_url https://access.redhat.com/errata/RHSA-2022:6393
reference_id RHSA-2022:6393
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6393
41
reference_url https://access.redhat.com/errata/RHSA-2022:6835
reference_id RHSA-2022:6835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6835
42
reference_url https://access.redhat.com/errata/RHSA-2022:8652
reference_id RHSA-2022:8652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8652
43
reference_url https://access.redhat.com/errata/RHSA-2023:1486
reference_id RHSA-2023:1486
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1486
44
reference_url https://access.redhat.com/errata/RHSA-2023:3623
reference_id RHSA-2023:3623
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3623
45
reference_url https://usn.ubuntu.com/5559-1/
reference_id USN-5559-1
reference_type
scores
url https://usn.ubuntu.com/5559-1/
46
reference_url https://usn.ubuntu.com/6550-1/
reference_id USN-6550-1
reference_type
scores
url https://usn.ubuntu.com/6550-1/
47
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO/
reference_id ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:40:27Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO/
Weaknesses
0
cwe_id 1333
name Inefficient Regular Expression Complexity
description The product uses a regular expression with an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles.
1
cwe_id 400
name Uncontrolled Resource Consumption
description The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
3
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_score7.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-ptd4-8f7f-hyg6