Security Vulnerability in moment

[ElvisYang]

The moment code is in the following, which will cause security vulnerability.
https://github.com/sferik/rails_admin/blob/master/vendor/assets/javascripts/rails_admin/moment-with-locales.js

so looks need to upgrade the version of moment to solve this security problem
https://www.cvedetails.com/vulnerability-list/vendor_id-16043/product_id-35644/Moment-Project-Moment.html

[EthanZeigler]

This really should be added to the "security" disclosure tab of Github. It's something they added in the last few weeks.

[ElvisYang]

@EthanZeigler good suggestion, how can I make this in security tab?

[EthanZeigler]

... good point. Looks like they haven't added a disclosure piece yet.

…

On Mon, Aug 19, 2019 at 1:54 PM Elvis ***@***.***> wrote: @EthanZeigler <https://github.com/EthanZeigler> good suggestion, how can I make this in security tab? — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#3182>, or mute the thread <https://github.com/notifications/unsubscribe-auth/ACFTL6C3ZWTJP4CLZ3KUAY3QFLM4NANCNFSM4IJY6DZQ> .

--

_____________________________________________________ *Ethan Zeigler* Open Source Developer & Junior CS Major ethanzeigler.com & ethanzeigler.com/blog (Websites Under Development)

_____________________________________________________