You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
moment 2.22.2 in vendor.dll.7d98bec.js CVE-2022-24785: This vulnerability impacts npm (server) users of moment.js, especially if user provided locale string, eg fr is directly used to switch moment locale.
CVE-2022-31129, CVE-2023-22467: Regular Expression Denial of Service (ReDoS), Affecting moment package, versions >=2.18.0 <2.29.4
https://github.com/QingdaoU/OnlineJudgeFE/blob/master/package.json#L41
i see 3 vulnerability in here:
i test in my web site with url http://labs.codetoanbug.com:8000/static/js/vendor.dll.7d98bec.js
moment 2.22.2 in vendor.dll.7d98bec.js
CVE-2022-24785: This vulnerability impacts npm (server) users of moment.js, especially if user provided locale string, eg fr is directly used to switch moment locale.
CVE-2022-31129, CVE-2023-22467: Regular Expression Denial of Service (ReDoS), Affecting moment package, versions >=2.18.0 <2.29.4
Vue 2.5.17 in vendor.dll.7d98bec.js
Bump vue-server-renderer's dependency of serialize-javascript to 2.1.2 https://github.com/vuejs/vue/releases/tag/v2.6.11
i testing POC in my local server i Redos impact slow my website
i building new version Online Juger
Contact Me: longbinhquoitay8@gmail.com
Thank for Read!
The text was updated successfully, but these errors were encountered: