WS-2016-0075 Medium Severity Vulnerability detected by WhiteSource #10
Labels
security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-bolt-for-github
bot
added
the
security vulnerability
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
WS-2016-0075 - Medium Severity Vulnerability
moment-2.13.0.min.js
Parse, validate, manipulate, and display dates
path: /zerhuel-online-platform/xx_public/assets/themes/corastore/vendor/daterangepicker/moment.min.js
Library home page: https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.13.0/moment.min.js
Dependency Hierarchy:
moment-2.13.0.js
Parse, validate, manipulate, and display dates
path: /zerhuel-online-platform/xx_public/assets/themes/corastore/vendor/daterangepicker/moment.js
Library home page: https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.13.0/moment.js
Dependency Hierarchy:
Found in HEAD commit: 53adf471a707419dfe40ccb6f77c78f9c2216a00
Regular expression denial of service vulnerability in the moment package, by using a specific 40 characters long string in the "format" method.
Publish Date: 2016-10-24
URL: WS-2016-0075
Base Score Metrics not available
Type: Change files
Origin: moment/moment@663f33e
Release Date: 2016-10-24
Fix Resolution: Replace or update the following files: month.js, lt.js
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: