VYPR

npm package

date-and-time

pkg:npm/date-and-time

Vulnerabilities (1)

  • CVE-2020-26289Dec 28, 2020
    affected < 0.14.2fixed 0.14.2

    date-and-time is an npm package for manipulating date and time. In date-and-time before version 0.14.2, there a regular expression involved in parsing which can be exploited to to cause a denial of service. This is fixed in version 0.14.2.