Moment.js Vulnerability

Ruwi · August 12, 2023, 2:32pm

Hello,

I am using Elasticsearch-Kibana version 7.10.2.
In the security tests, it was observed that there was a vulnerability in moment.js software.

moment.js 2.28.0 --> CVE-2022-24785

Can I update this software, does it have a dependency? Or do I need to upgrade the app?

xeraa · August 13, 2023, 6:14pm

Updating dependencies is not supported or recommended. Please upgrade (all pieces of the Elastic Stack)

Topic		Replies	Views
Are there updates for kibana 7.17? Elastic Search	3	203	October 8, 2024
Elastic Stack 7.17.1 Security Update Security Announcements	1	20590	November 4, 2022
Elastic Stack 6.8.2 and 7.2.1 security update Security Announcements	1	8751	November 4, 2022
ELK Security Kibana	6	201	August 26, 2024
Do I need to upgrade?. Kibana 8.17.3 Security Update (ESA-2025-06) Elasticsearch elastic-stack-monitoring , elastic-stack-security , elastic-stack-alerting	5	321	March 13, 2025