Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Low
Fix Version/s: 7.12.3, 7.13.1, 8.0.0
Affects Version/s: 7.3.7, 7.9.2
Component/s: Front-end API
Labels:

Fixed in Long Term Support Release/s:

Download 7.13
Introduced in Version:
7.03
Symptom Severity:
Severity 2 - Major

The version of moment.js used in in Jira before version 7.12.3, from version 7.13.0 before version 7.13.1 and before version 8.0.0 allows remote attackers to cause a denial of service in user's browsers via a regular expression denial of service. For additional details see https://github.com/moment/moment/issues/2936.

is related to

JSDSERVER-6289 The version of moment.js used in Jira Service Desk was vulnerable to a regular expression denial of service

Closed

mentioned in: Page Loading...

Assignee:: Unassigned
Reporter:: Security Metrics Bot
Votes:: 0 Vote for this issue
Watchers:: 2 Start watching this issue

Created:: 21/Mar/2019 12:46 AM
Updated:: 22/May/2020 8:25 AM
Resolved:: 21/Mar/2019 12:49 AM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates