You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
问题描述:
vulnerability: date-and-time is an npm package for manipulating date and time. In date-and-time before version 0.14.2, there a regular expression involved in parsing which can be exploited to to cause a denial of service. This is fixed in version 0.14.2. remediation: Upgrade date-and-time from 0.12.0 to 0.14.2 to fix the vulnerability. vulnerability: Due to an overly permissive regular expression, the parsing of certain date strings may lead to a denial of service. remediation: Upgrade to version v0.14.2 vulnerability: date-and-time is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability is possible due to an overly permissive regular expression, the parsing of certain date strings may lead to a denial of service.
问题描述:
vulnerability: date-and-time is an npm package for manipulating date and time. In date-and-time before version 0.14.2, there a regular expression involved in parsing which can be exploited to to cause a denial of service. This is fixed in version 0.14.2. remediation: Upgrade date-and-time from 0.12.0 to 0.14.2 to fix the vulnerability. vulnerability: Due to an overly permissive regular expression, the parsing of certain date strings may lead to a denial of service. remediation: Upgrade to version v0.14.2 vulnerability: date-and-time is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability is possible due to an overly permissive regular expression, the parsing of certain date strings may lead to a denial of service.
解决方案:
[email protected]
需要将依赖调整为^0.14.2
The text was updated successfully, but these errors were encountered: