Closed mend-bolt-for-github[bot] closed 2 years ago
Go testing in the browser. Integrates with `go test`. Write behavioral tests in Go.
Dependency Hierarchy: - :x: **github.com/smartystreets/goconvey-v1.6.4** (Vulnerable Library)
Found in HEAD commit: a1c271764655c7e3ff81126d5929b8dda6170bf4
Found in base branch: datasource-meta
The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.
Publish Date: 2018-03-04
URL: CVE-2017-18214
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
Type: Upgrade version
Origin: https://github.com/advisories/GHSA-446m-mv8f-q348
Release Date: 2018-03-04
Fix Resolution: moment - 2.19.3
Step up your Open Source Security Game with WhiteSource here
:information_source: This issue was automatically closed by WhiteSource because it is a duplicate of an existing issue: #665
CVE-2017-18214 - High Severity Vulnerability
Go testing in the browser. Integrates with `go test`. Write behavioral tests in Go.
Dependency Hierarchy: - :x: **github.com/smartystreets/goconvey-v1.6.4** (Vulnerable Library)
Found in HEAD commit: a1c271764655c7e3ff81126d5929b8dda6170bf4
Found in base branch: datasource-meta
The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.
Publish Date: 2018-03-04
URL: CVE-2017-18214
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here.Type: Upgrade version
Origin: https://github.com/advisories/GHSA-446m-mv8f-q348
Release Date: 2018-03-04
Fix Resolution: moment - 2.19.3
Step up your Open Source Security Game with WhiteSource here