security vulnerabilities : moment-Package

Question

Closed this issue 2 years ago · 1 comments

Github Dependabot reports the following security vulnerabilites:

[Inefficient Regular Expression Complexity in moment ] [High] • Detected in moment (npm) • package-lock.json

[Path Traversal: 'dir/../../filename' in moment.locale ] [High] • Detected in moment (npm) • package-lock.json

[Cleartext Transmission of Sensitive Information in moment-timezone ] [Moderate] • Detected in moment-timezone (npm) • package-lock.json

[Command Injection in moment-timezone ] [Low] • Detected in moment-timezone (npm) • package-lock.json

Please update to newer Versions

Answer 1 · 2022-11-14T09:00:49.000Z

Released with 4.1.3.