Vulnerabilities

CVE-2020-26289

by Fred · 28/12/2020

date-and-time is an npm package for manipulating date and time. In date-and-time before version 0.14.2, there a regular expression involved in parsing which can be exploited to to cause a denial of service. This is fixed in version 0.14.2.

Date published : 2020-12-28

https://github.com/knowledgecode/date-and-time/security/advisories/GHSA-r92x-f52r-x54g

https://github.com/knowledgecode/date-and-time/commit/9e4b501eacddccc8b1f559fb414f48472ee17c2a

Similar

Tags: Cybersecurity Alert