Open unleashed opened 4 years ago
The usage of Date._parse when taking the input of the timestamp field of transactions is insufficient to validate a date. In particular, it's been discovered that some strings with a specific number of digits are considered dates by the affected code.
Date._parse
timestamp
Note that the documentation only talks about a specific format for dates in the timestamp field, so for example we might want to consider changing this so proper validation happens as specified in the docs.
The usage of
Date._parsewhen taking the input of thetimestampfield of transactions is insufficient to validate a date. In particular, it's been discovered that some strings with a specific number of digits are considered dates by the affected code.Note that the documentation only talks about a specific format for dates in the
timestampfield, so for example we might want to consider changing this so proper validation happens as specified in the docs.