CVE-2020-26289

Published December 28th, 2020

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

MEDIUM

Affected

PROJECTS

Description

date-and-time is an npm package for manipulating date and time. In date-and-time before version 0.14.2, there a regular expression involved in parsing which can be exploited to to cause a denial of service. This is fixed in version 0.14.2.

date-and-time

The simplest, most intuitive date and time library

NPM

knowledgecode/date-and-time

The simplest, most intuitive date and time library

GitHub

188