This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade moment from 2.29.3 to 2.30.1.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **3 versions** ahead of your current version.
- The recommended version was released **19 days ago**, on 2023-12-27.
The recommended version fixes:
Severity | Issue | PriorityScore (*) | Exploit Maturity |
:-------------------------:|:-------------------------|-------------------------|:-------------------------
| Regular Expression Denial of Service (ReDoS) [SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
| Prototype Pollution [SNYK-JS-MONGOOSE-2961688](https://snyk.io/vuln/SNYK-JS-MONGOOSE-2961688) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
| Prototype Pollution [SNYK-JS-MONGOOSE-5777721](https://snyk.io/vuln/SNYK-JS-MONGOOSE-5777721) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
| Prototype Pollution [SNYK-JS-MONGOOSE-2961688](https://snyk.io/vuln/SNYK-JS-MONGOOSE-2961688) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
| Prototype Pollution [SNYK-JS-MONGOOSE-5777721](https://snyk.io/vuln/SNYK-JS-MONGOOSE-5777721) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
| Prototype Poisoning [SNYK-JS-QS-3153490](https://snyk.io/vuln/SNYK-JS-QS-3153490) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
| Regular Expression Denial of Service (ReDoS) [SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
| Regular Expression Denial of Service (ReDoS) [SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
| Regular Expression Denial of Service (ReDoS) [SNYK-JS-ANSIREGEX-1583908](https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
| Denial of Service (DoS) [SNYK-JS-DICER-2311764](https://snyk.io/vuln/SNYK-JS-DICER-2311764) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Mature
| Denial of Service (DoS) [SNYK-JS-ENGINEIO-3136336](https://snyk.io/vuln/SNYK-JS-ENGINEIO-3136336) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit
| Uncaught Exception [SNYK-JS-ENGINEIO-5496331](https://snyk.io/vuln/SNYK-JS-ENGINEIO-5496331) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit
| Regular Expression Denial of Service (ReDoS) [SNYK-JS-MOMENT-2944238](https://snyk.io/vuln/SNYK-JS-MOMENT-2944238) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
| Regular Expression Denial of Service (ReDoS) [SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
| Regular Expression Denial of Service (ReDoS) [SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
| Denial of Service (DoS) [SNYK-JS-SOCKETIOPARSER-5596892](https://snyk.io/vuln/SNYK-JS-SOCKETIOPARSER-5596892) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit
| Information Exposure [SNYK-JS-MONGODB-5871303](https://snyk.io/vuln/SNYK-JS-MONGODB-5871303) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit
| Missing Release of Resource after Effective Lifetime [SNYK-JS-INFLIGHT-6095116](https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
| Regular Expression Denial of Service (ReDoS) [SNYK-JS-MINIMATCH-3050818](https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit
| Command Injection [SNYK-JS-SNYK-3037342](https://snyk.io/vuln/SNYK-JS-SNYK-3037342) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
| Command Injection [SNYK-JS-SNYK-3038622](https://snyk.io/vuln/SNYK-JS-SNYK-3038622) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
| Code Injection [SNYK-JS-SNYK-3111871](https://snyk.io/vuln/SNYK-JS-SNYK-3111871) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit
| Improper Input Validation [SNYK-JS-SOCKETIOPARSER-3091012](https://snyk.io/vuln/SNYK-JS-SOCKETIOPARSER-3091012) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit
(*) Note that the real score may have changed since the PR was raised.
Release notes Package name: moment
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade moment from 2.29.3 to 2.30.1.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.- The recommended version is **3 versions** ahead of your current version. - The recommended version was released **19 days ago**, on 2023-12-27. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:-------------------------
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
[SNYK-JS-MONGOOSE-2961688](https://snyk.io/vuln/SNYK-JS-MONGOOSE-2961688) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
[SNYK-JS-MONGOOSE-5777721](https://snyk.io/vuln/SNYK-JS-MONGOOSE-5777721) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
[SNYK-JS-MONGOOSE-2961688](https://snyk.io/vuln/SNYK-JS-MONGOOSE-2961688) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
[SNYK-JS-MONGOOSE-5777721](https://snyk.io/vuln/SNYK-JS-MONGOOSE-5777721) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
[SNYK-JS-QS-3153490](https://snyk.io/vuln/SNYK-JS-QS-3153490) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
[SNYK-JS-ANSIREGEX-1583908](https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
[SNYK-JS-DICER-2311764](https://snyk.io/vuln/SNYK-JS-DICER-2311764) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Mature
[SNYK-JS-ENGINEIO-3136336](https://snyk.io/vuln/SNYK-JS-ENGINEIO-3136336) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit
[SNYK-JS-ENGINEIO-5496331](https://snyk.io/vuln/SNYK-JS-ENGINEIO-5496331) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit
[SNYK-JS-MOMENT-2944238](https://snyk.io/vuln/SNYK-JS-MOMENT-2944238) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
[SNYK-JS-SOCKETIOPARSER-5596892](https://snyk.io/vuln/SNYK-JS-SOCKETIOPARSER-5596892) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit
[SNYK-JS-MONGODB-5871303](https://snyk.io/vuln/SNYK-JS-MONGODB-5871303) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit
[SNYK-JS-INFLIGHT-6095116](https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
[SNYK-JS-MINIMATCH-3050818](https://snyk.io/vuln/SNYK-JS-MINIMATCH-3050818) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit
[SNYK-JS-SNYK-3037342](https://snyk.io/vuln/SNYK-JS-SNYK-3037342) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
[SNYK-JS-SNYK-3038622](https://snyk.io/vuln/SNYK-JS-SNYK-3038622) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
[SNYK-JS-SNYK-3111871](https://snyk.io/vuln/SNYK-JS-SNYK-3111871) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit
[SNYK-JS-SOCKETIOPARSER-3091012](https://snyk.io/vuln/SNYK-JS-SOCKETIOPARSER-3091012) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: moment
2.30.1
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:![](https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiIyZDZmNzBlYS0yODQxLTRmOTgtYjdlYS1mNTg1YzAwMmZhOGQiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjJkNmY3MGVhLTI4NDEtNGY5OC1iN2VhLWY1ODVjMDAyZmE4ZCJ9fQ==)
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs