View Issue Details

IDProjectCategoryView StatusLast Update
0030772mantisbtsecuritypublic2022-08-04 05:01
Reporterdregad Assigned Todregad  
PriorityhighSeverityminorReproducibilityhave not tried
Status resolvedResolutionfixed 
Target Version2.25.6Fixed in Version2.25.6 
Summary0030772: Update moment.js to 2.29.4
Description

Versions >= 2.18.0, < 2.29.4 are affected by a vulnerability, see CVE-2022-31129 and https://github.com/mantisbt/mantisbt/security/dependabot/8

TagsNo tags attached.

Relationships

related to 0029849 closeddregad Update moment.js to 2.29.2 

Activities

There are no notes attached to this issue.

Related Changesets

MantisBT: master-2.25 b7b2a8a3

2022-07-10 14:03

dregad


Details Diff
Update moment.js library to 2.29.4

Version 2.29.3 was exposed to a known vulnerability, see CVE-2022-31129
and https://github.com/mantisbt/mantisbt/security/dependabot/8.

Fixes 0030772
Affected Issues
0030772
mod - core/constant_inc.php Diff File
rm - js/moment-with-locales-2.29.3.min.js Diff
add - js/moment-with-locales-2.29.4.min.js Diff File
mod - library/README.md Diff File