Moment.js vulnerability 

Issue date: 13-04-2021
Affects versions: 13.4, 12.6

Security Issue ID

SECURITY-201

 

Affected Product Version(s)

13.4.7, 12.6.14

Severity 

low

Description

NPM-532

Affected versions of `moment` are vulnerable to a low severity regular expression denial of service when parsing dates as strings.

Instructions

Customers using 13.x and 12.x versions should upgrade to the latest version.