You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Security information
Factors contributing to the scoring:
Snyk: [CVSS 7.5](https://security.snyk.io/vuln/SNYK-JS-MOMENT-2944238) - High Severity
NVD: [CVSS 7.5](https://nvd.nist.gov/vuln/detail/CVE-2022-31129) - High Severity
Why are the scores different? Learn how Snyk evaluates vulnerability scores
Overview
moment is a lightweight JavaScript date library for parsing, validating, manipulating, and formatting dates.
Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the preprocessRFC2822() function in from-string.js, when processing a very long crafted string (over 10k characters).
The text was updated successfully, but these errors were encountered:
Introduced through
ghost-ignition@4.6.3
Fixed in
moment@2.29.4
Detailed paths
Security information
Factors contributing to the scoring:
Why are the scores different? Learn how Snyk evaluates vulnerability scores
Overview
moment is a lightweight JavaScript date library for parsing, validating, manipulating, and formatting dates.
Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the preprocessRFC2822() function in from-string.js, when processing a very long crafted string (over 10k characters).
The text was updated successfully, but these errors were encountered: