search

smartystreets / goconvey

Go testing in the browser. Integrates with `go test`. Write behavioral tests in Go.
http://smartystreets.github.io/goconvey/
Other
8.23k stars 554 forks source link

CVE-2022-24785: Moment.js Path Traversal < 2.29.2 #669

Open montaguethomas opened 1 year ago

montaguethomas commented 1 year ago

https://nvd.nist.gov/vuln/detail/cve-2022-24785

Severity: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N -- 7.5 High

Current version in head branch: https://github.com/smartystreets/goconvey/blob/883c12515e6101b79f430987b4fd0ee50841bfe6/web/client/resources/js/lib/moment.js#L1-L2