Moment.js Vulnerability


I am using Elasticsearch-Kibana version 7.10.2.
In the security tests, it was observed that there was a vulnerability in moment.js software.

moment.js 2.28.0 --> CVE-2022-24785

Can I update this software, does it have a dependency? Or do I need to upgrade the app?

Updating dependencies is not supported or recommended. Please upgrade (all pieces of the Elastic Stack) :slight_smile:

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.