You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
mend-for-github-combot
changed the title
WS-2016-0075 (Medium) detected in moment-2.13.0.min.js
WS-2016-0075 (Medium) detected in moment-2.13.0.min.js - autoclosed
Mar 4, 2021
WS-2016-0075 - Medium Severity Vulnerability
Parse, validate, manipulate, and display dates
Library home page: https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.13.0/moment.min.js
Path to dependency file: doccano/app/server/static/node_modules/chart.js/samples/scales/time/combo.html
Path to vulnerable library: doccano/app/server/static/node_modules/chart.js/samples/scales/time/combo.html
Dependency Hierarchy:
Regular expression denial of service vulnerability in the moment package, by using a specific 40 characters long string in the "format" method.
Publish Date: 2016-10-24
URL: WS-2016-0075
Base Score Metrics:
Type: Upgrade version
Origin: moment/moment#3525
Release Date: 2016-10-24
Fix Resolution: 2.15.2
The text was updated successfully, but these errors were encountered: