Skip to content

Security vulnerability due to obsolete moment version #997

New issue
New issue
Closed
Closed
Security vulnerability due to obsolete moment version#997
Labels
peer-dependencieswait-for-input
@VB-at-Bis

Description

@VB-at-Bis
VB-at-Bis
opened on Aug 21, 2022

Moment-timezone version which you use:

Version: 0.5.34

Issue description:

Security vulnerability reported in our private repository due to moment-timezone.
Please see advisory GHSA-wc69-rhjr-hc9g "Inefficient Regular Expression Complexity in moment".
Current version of moment-timezone uses moment 2.9.0 . Please update dependency to at least 2.29.4 to fix the vulnerability.

Metadata

Metadata

Assignees

No one assigned

    Labels

    peer-dependencieswait-for-input

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions