View Issue Details

IDProjectCategoryView StatusLast Update
0029849mantisbtsecuritypublic2022-07-10 14:01
Reporterdregad Assigned Todregad  
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Target Version2.25.3Fixed in Version2.25.3 
Summary0029849: Update moment.js to 2.29.2
Description

Versions <= 2.29.1 are affected by a vulnerability, see CVE-2022-24785 and https://github.com/mantisbt/mantisbt/security/dependabot/2

TagsNo tags attached.

Relationships

related to 0026358 closeddregad Vulnerability from library Moment.js 2.15.2 
related to 0029857 closeddregad Errors trying to load moment.js library from CDN 
related to 0030772 closeddregad Update moment.js to 2.29.4 

Activities

There are no notes attached to this issue.

Related Changesets

MantisBT: master-2.25 5bdcbee4

2022-04-13 08:27

dregad


Details Diff
Update moment.js library to 2.29.2

Version 2.24.0 was exposed to a known vulnerability, see CVE-2022-24785
and https://github.com/mantisbt/mantisbt/security/dependabot/2.

Fixes 0029849
Affected Issues
0029849
mod - core/constant_inc.php Diff File
rm - js/moment-with-locales-2.24.0.min.js Diff
add - js/moment-with-locales-2.29.2.min.js Diff File
mod - library/README.md Diff File