Javascript Library Moment.js Security Update (MINDBREEZE22124)

ID: MINDBREEZE22124 
Affected Components: Mindbreeze InSpire G7, Mindbreeze InSpire SaaS 
Severity: 7.5 High 
Status: Final 
First published: September 28, 2022 
CVEs: CVE-2017-18214 

Summary 

The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055. 

Hotfix Information

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS:

• Mindbreeze InSpire 22.2 Release (Version 22.2.0.729) 

• Mindbreeze InSpire SaaS 22.2 Release (Version 22.2.0.729)