momnet@2.28.0 vulnerabilities

Parse, validate, manipulate, and display dates

latest version

2.29.1

first published

4 years ago

latest version published

3 years ago

licenses detected

MIT
>=0

View momnet package health on Snyk Advisor (opens in a new tab)

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the momnet package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
H Malicious Package momnet is a malicious package. The library pretends to be the popular moment library, which is used in generating timestamps in different time-zones and formats for front-end projects. The malicious package is almost identical to the original library. The only difference is that it employs a different, crafted `moment.min.js` file of an unknown origin, rather than the library's own source. How to fix Malicious Package? Avoid using all malicious instances of the `momnet` package.	*

Malicious Package

momnet is a malicious package. The library pretends to be the popular moment library, which is used in generating timestamps in different time-zones and formats for front-end projects.

The malicious package is almost identical to the original library. The only difference is that it employs a different, crafted moment.min.js file of an unknown origin, rather than the library's own source.

How to fix Malicious Package?

Avoid using all malicious instances of the momnet package.

Go back to all versions of this package