moment.js version upgrade request

Due to current version of moment library that is nested in this library
is causing security vunlerability.

Will that be possile to upgrade moment library version?

below is snyk security report 

--------------------------------------------

moment  - Regular Expression Denial of Service (ReDoS)

Detailed paths
Introduced through: react-tempusdominus-bootstrap@1.12.0 › tempusdominus@5.16.0 › moment@2.24.0
Fix: No remediation path available.
Introduced through: react-tempusdominus-bootstrap@1.12.0 › tempusdominus-bootstrap@5.37.0 › moment@2.24.0
Fix: No remediation path available.
Security information
Factors contributing to the scoring:
Snyk: [CVSS 7.5](https://security.snyk.io/vuln/SNYK-JS-MOMENT-2944238) - High Severity

NVD: [CVSS 7.5](https://nvd.nist.gov/vuln/detail/CVE-2022-31129) - High Severity
[Why are the scores different? Learn how Snyk evaluates vulnerability scores](https://docs.snyk.io/features/fixing-and-prioritizing-issues/issue-management/severity-levels#understanding-snyks-vulnerability-analysis)
Overview
[moment](https://www.npmjs.com/package/moment) is a lightweight JavaScript date library for parsing, validating, manipulating, and formatting dates.

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the preprocessRFC2822() function in from-string.js, when processing a very long crafted string (over 10k characters).

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

moment.js version upgrade request #22

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

moment.js version upgrade request #22

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions