Lucene search

CVE-2022-24785

🗓️ 04 Apr 2022 00:00:00Reported by AttackerKBType

Path traversal vulnerability in Moment.js 1.0.1-2.29.1, fixed in 2.29.

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 126
Prion	Path traversal	4 Apr 202217:15	–	prion
IBM Security Bulletins	Security Bulletin: IBM Storage Ceph is vulnerable to a path traversal vulnerablity in Moment.js (CVE-2022-24785)	1 Nov 202319:55	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to Path Traversal in Moment.js (CVE-2022-24785)	4 Apr 202521:22	–	ibm
IBM Security Bulletins	Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to remote attack due to Moment.js CVE-2022-24785	27 May 202209:21	–	ibm
IBM Security Bulletins	Security Bulletin: There is a vulnerability in moment.js used by IBM QRadar User Behavior Analytics (CVE-2022-24785)	29 Sep 202214:05	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in nodejs moment.js affect Cloud Pak System [CVE-2022-24785]	1 Aug 202409:04	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Moment.js affects IBM Process Mining . CVE-2022-24785	1 Feb 202321:52	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to directory traversal due to CVE-2022-24785	28 Apr 202211:37	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Db2 Mirror for i is vulnerable to directory traversal due to Moment.js (CVE-2022-24785)	9 Jun 202222:48	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Engineering Workflow Management (EWM) vulnerabilities CVE-2022-31129, CVE-2022-24785	27 Mar 202317:23	–	ibm

Source	Link
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
github	www.github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4
tenable	www.tenable.com/security/tns-2022-09
security	www.security.netapp.com/advisory/ntap-20220513-0006/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/
security	www.security.snyk.io/vuln/SNYK-JS-MOMENT-2440688
security	www.security.snyk.io/vuln/SNYK-DOTNET-MOMENTJS-2440689
lists	www.lists.debian.org/debian-lts-announce/2023/01/msg00035.html
github	www.github.com/moment/moment/commit/4211bfc8f15746be4019bba557e29a7ba83d54c5

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

04 Apr 2022 00:00Current

7.6High risk

Vulners AI Score7.6

CVSS25

CVSS37.5

EPSS0.00456