We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
11:26:43 [INFO] > nsp "check" 11:26:43 [INFO] 11:26:48 [INFO] (+) 1 vulnerability found 11:26:48 [INFO] ┌────────────┬────────────────────────────────────────────────────────────────────┐ 11:26:48 [INFO] │ │ Regular Expression Denial of Service │ 11:26:48 [INFO] ├────────────┼────────────────────────────────────────────────────────────────────┤ 11:26:48 [INFO] │ Name │ moment │ 11:26:48 [INFO] ├────────────┼────────────────────────────────────────────────────────────────────┤ 11:26:48 [INFO] │ CVSS │ 7.5 (High) │ 11:26:48 [INFO] ├────────────┼────────────────────────────────────────────────────────────────────┤ 11:26:48 [INFO] │ Installed │ 2.18.1 │ 11:26:48 [INFO] ├────────────┼────────────────────────────────────────────────────────────────────┤ 11:26:48 [INFO] │ Vulnerable │ <2.19.3 │ 11:26:48 [INFO] ├────────────┼────────────────────────────────────────────────────────────────────┤ 11:26:48 [INFO] │ Patched │ >=2.19.3 │ 11:26:48 [INFO] ├────────────┼────────────────────────────────────────────────────────────────────┤ 11:26:48 [INFO] │ Path │ [email protected] > [email protected] > [email protected] │ 11:26:48 [INFO] ├────────────┼────────────────────────────────────────────────────────────────────┤ 11:26:48 [INFO] │ More Info │ https://nodesecurity.io/advisories/532 │ 11:26:48 [INFO] └────────────┴────────────────────────────────────────────────────────────────────┘
Should not raise moment dependency issue.
Breaking dependency.
Update package.json to ensure higher version dependency.
package.json
nsp "check"
If not, this requires forcing the dependency in the application.
See above error report.
The text was updated successfully, but these errors were encountered:
This has been fixed by #4891 but not released yet (2.7.2)
Duplicates #5024 and #5130
Sorry, something went wrong.
No branches or pull requests
Expected Behavior
Should not raise moment dependency issue.
Current Behavior
Breaking dependency.
Possible Solution
Update
package.json
to ensure higher version dependency.Steps to Reproduce (for bugs)
nsp "check"
Context
If not, this requires forcing the dependency in the application.
Environment
See above error report.
The text was updated successfully, but these errors were encountered: