Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-69040

The version of moment.js used in Jira was vulnerable to a regular expression denial of service

    XMLWordPrintable

Details

    Description

      The version of moment.js used in in Jira before version 7.12.3, from version 7.13.0 before version 7.13.1 and before version 8.0.0 allows remote attackers to cause a denial of service in user's browsers via a regular expression denial of service. For additional details see https://github.com/moment/moment/issues/2936.

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. JSDSERVER-6289 The version of moment.js used in Jira Service Desk was vulnerable to a regular expression denial of service

          • Low - Low priority issues
          • Closed
          mentioned in

          Page Loading...

          Activity

            People

              Unassigned Unassigned
              security-metrics-bot Security Metrics Bot
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: