Description
Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm (server) users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This problem is patched in 2.29.2, and the patch can be applied to all affected versions. As a workaround, sanitize the user-provided locale name before passing it to Moment.js.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| moment | moment | affected |
|
Configuration 1 [-]
|
Configuration 2 [-]
|
Configuration 3 [-]
|
Configuration 4 [-]
|
| Package | CPE | Advisory | Released Date |
|---|---|---|---|
| OpenShift Service Mesh 2.0 | |||
| servicemesh-prometheus-0:2.14.0-18.el8.1 | cpe:/a:redhat:service_mesh:2.0::el8 | RHSA-2022:6272 | 2022-08-31T00:00:00Z |
| OpenShift Service Mesh 2.1 | |||
| openshift-service-mesh/kiali-rhel8:1.36.10-2 | cpe:/a:redhat:service_mesh:2.1::el8 | RHSA-2022:5006 | 2022-06-13T00:00:00Z |
| servicemesh-prometheus-0:2.23.0-9.el8 | cpe:/a:redhat:service_mesh:2.1::el8 | RHSA-2022:6277 | 2022-08-31T00:00:00Z |
| Red Hat Advanced Cluster Management for Kubernetes 2 | |||
| acm-grafana-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| acm-must-gather-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| acm-operator-bundle-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| application-ui-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| assisted-image-service-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| cert-policy-controller-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| cluster-backup-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| clusterclaims-controller-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| cluster-curator-controller-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| clusterlifecycle-state-metrics-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| cluster-proxy-addon-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| config-policy-controller-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| console-api-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| console-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| discovery-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| endpoint-monitoring-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| governance-policy-propagator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| governance-policy-spec-sync-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| governance-policy-status-sync-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| governance-policy-template-sync-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| grafana-dashboard-loader-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| grc-ui-api-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| grc-ui-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| iam-policy-controller-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| insights-client-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| insights-metrics-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| klusterlet-addon-controller-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| klusterlet-addon-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| kube-rbac-proxy-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| kube-state-metrics-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| managedcluster-import-controller-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| management-ingress-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| memcached-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| memcached-exporter-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| metrics-collector-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| multicloud-integrations-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| multicloud-manager-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| multiclusterhub-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| multiclusterhub-repo-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| multicluster-observability-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| multicluster-operators-application-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| multicluster-operators-channel-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| multicluster-operators-deployable-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| multicluster-operators-placementrule-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| multicluster-operators-subscription-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| multicluster-operators-subscription-release-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| node-exporter-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| observatorium-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| observatorium-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| openshift-hive-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| placement-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| prometheus-alertmanager-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| prometheus-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| provider-credential-controller-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| rbac-query-proxy-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| redisgraph-tls-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| registration-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| registration-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| rhacm-agent-service-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| rhacm-assisted-installer-agent-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| rhacm-assisted-installer-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| rhacm-assisted-installer-reporter-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| search-aggregator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| search-api-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| search-collector-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| search-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| search-ui-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| submariner-addon-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| thanos-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| thanos-receive-controller-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| volsync-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| volsync-mover-rclone-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| volsync-mover-restic-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| volsync-mover-rsync-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| work-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:1681 | 2022-05-03T00:00:00Z |
| acm-grafana-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| acm-must-gather-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| acm-operator-bundle-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| application-ui-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| assisted-image-service-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| cert-policy-controller-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| cluster-backup-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| clusterclaims-controller-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| cluster-curator-controller-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| clusterlifecycle-state-metrics-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| cluster-proxy-addon-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| config-policy-controller-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| console-api-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| console-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| discovery-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| endpoint-monitoring-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| governance-policy-propagator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| governance-policy-spec-sync-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| governance-policy-status-sync-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| governance-policy-template-sync-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| grafana-dashboard-loader-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| grc-ui-api-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| grc-ui-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| iam-policy-controller-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| insights-client-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| insights-metrics-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| klusterlet-addon-controller-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| klusterlet-addon-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| kube-rbac-proxy-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| kube-state-metrics-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| managedcluster-import-controller-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| management-ingress-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| memcached-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| memcached-exporter-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| metrics-collector-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| multicloud-integrations-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| multicloud-manager-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| multiclusterhub-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| multiclusterhub-repo-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| multicluster-observability-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| multicluster-operators-application-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| multicluster-operators-channel-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| multicluster-operators-deployable-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| multicluster-operators-placementrule-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| multicluster-operators-subscription-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| multicluster-operators-subscription-release-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| node-exporter-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| observatorium-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| observatorium-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| openshift-hive-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| placement-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| prometheus-alertmanager-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| prometheus-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| provider-credential-controller-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| rbac-query-proxy-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| redisgraph-tls-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| registration-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| registration-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| rhacm-agent-service-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| rhacm-assisted-installer-agent-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| rhacm-assisted-installer-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| rhacm-assisted-installer-reporter-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| search-aggregator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| search-api-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| search-collector-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| search-operator-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| search-ui-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| submariner-addon-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| thanos-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| thanos-receive-controller-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| volsync-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| volsync-mover-rclone-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| volsync-mover-restic-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| volsync-mover-rsync-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| work-container | cpe:/a:redhat:acm:2.4::el8 | RHSA-2022:5201 | 2022-06-27T00:00:00Z |
| acm-cluster-proxy-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| acm-governance-policy-addon-controller-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| acm-grafana-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| acm-must-gather-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| acm-operator-bundle-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| acm-prometheus-config-reloader-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| acm-prometheus-operator-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| acm-volsync-addon-controller-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| cert-policy-controller-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| cluster-backup-operator-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| cluster-proxy-addon-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| config-policy-controller-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| console-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| endpoint-monitoring-operator-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| governance-policy-propagator-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| governance-policy-spec-sync-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| governance-policy-status-sync-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| governance-policy-template-sync-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| grafana-dashboard-loader-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| iam-policy-controller-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| insights-client-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| insights-metrics-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| klusterlet-addon-controller-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| klusterlet-addon-operator-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| kube-rbac-proxy-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| kube-state-metrics-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| management-ingress-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| memcached-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| memcached-exporter-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| metrics-collector-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| multicloud-integrations-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| multiclusterhub-operator-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| multiclusterhub-repo-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| multicluster-observability-operator-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| multicluster-operators-application-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| multicluster-operators-channel-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| multicluster-operators-subscription-operator-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| node-exporter-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| observatorium-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| observatorium-operator-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| prometheus-alertmanager-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| prometheus-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| rbac-query-proxy-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| redisgraph-tls-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| search-aggregator-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| search-api-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| search-collector-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| search-operator-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| submariner-addon-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| thanos-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| thanos-receive-controller-container | cpe:/a:redhat:acm:2.5::el8 | RHSA-2022:4956 | 2022-06-09T00:00:00Z |
| Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8 | |||
| rhacm2/application-ui-rhel8:v2.3.10-6 | cpe:/a:redhat:acm:2.3::el8 | RHSA-2022:1715 | 2022-05-05T00:00:00Z |
| rhacm2/console-api-rhel8:v2.3.10-5 | cpe:/a:redhat:acm:2.3::el8 | RHSA-2022:1715 | 2022-05-05T00:00:00Z |
| rhacm2/console-rhel8:v2.3.10-4 | cpe:/a:redhat:acm:2.3::el8 | RHSA-2022:1715 | 2022-05-05T00:00:00Z |
| rhacm2/grc-ui-api-rhel8:v2.3.10-4 | cpe:/a:redhat:acm:2.3::el8 | RHSA-2022:1715 | 2022-05-05T00:00:00Z |
| rhacm2/grc-ui-rhel8:v2.3.10-3 | cpe:/a:redhat:acm:2.3::el8 | RHSA-2022:1715 | 2022-05-05T00:00:00Z |
| rhacm2/search-ui-rhel8:v2.3.10-5 | cpe:/a:redhat:acm:2.3::el8 | RHSA-2022:1715 | 2022-05-05T00:00:00Z |
| rhacm2/kui-web-terminal-rhel8:v2.3.11-11 | cpe:/a:redhat:acm:2.3::el8 | RHSA-2022:5392 | 2022-06-28T00:00:00Z |
| Red Hat Ceph Storage 5.3 | |||
| ceph-2:16.2.10-94.el9cp | cpe:/a:redhat:ceph_storage:5.3::el8 | RHSA-2023:0076 | 2023-01-11T00:00:00Z |
| Red Hat Ceph Storage 6.1 | |||
| rhceph/rhceph-6-dashboard-rhel9:6-75 | cpe:/a:redhat:ceph_storage:6.1::el9 | RHSA-2023:3642 | 2023-06-15T00:00:00Z |
| Red Hat Fuse 7.11.1 | |||
| Moment.js | cpe:/a:redhat:jboss_fuse:7 | RHSA-2022:8652 | 2022-11-28T00:00:00Z |
| Red Hat Fuse 7.12 | |||
| cpe:/a:redhat:jboss_fuse:7 | RHSA-2023:3954 | 2023-06-29T00:00:00Z | |
| Red Hat JBoss Enterprise Application Platform 7 | |||
| Moment.js | cpe:/a:redhat:jboss_enterprise_application_platform:7.4 | RHSA-2022:4922 | 2022-06-06T00:00:00Z |
| Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 | |||
| eap7-activemq-artemis-0:1.5.5.016-1.redhat_00001.1.ep7.el7 | cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7 | RHSA-2025:4226 | 2025-04-28T00:00:00Z |
| eap7-artemis-native-1:1.5.5.016-1.redhat_00001.1.ep7.el7 | cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7 | RHSA-2025:4226 | 2025-04-28T00:00:00Z |
| eap7-jboss-xnio-base-0:3.5.11-1.Final_redhat_00001.1.ep7.el7 | cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7 | RHSA-2025:4226 | 2025-04-28T00:00:00Z |
| eap7-jsoup-0:1.14.2-1.redhat_00002.1.ep7.el7 | cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7 | RHSA-2025:4226 | 2025-04-28T00:00:00Z |
| eap7-undertow-0:1.4.18-14.SP13_redhat_00001.1.ep7.el7 | cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7 | RHSA-2025:4226 | 2025-04-28T00:00:00Z |
| eap7-wildfly-0:7.1.10-2.GA_redhat_00002.1.ep7.el7 | cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7 | RHSA-2025:4226 | 2025-04-28T00:00:00Z |
| eap7-woodstox-core-0:5.0.3-2.redhat_00002.1.ep7.el7 | cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7 | RHSA-2025:4226 | 2025-04-28T00:00:00Z |
| eap7-xml-security-0:2.0.10-2.redhat_00002.1.ep7.el7 | cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7 | RHSA-2025:4226 | 2025-04-28T00:00:00Z |
| Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 | |||
| eap7-activemq-artemis-0:2.9.0-10.redhat_00021.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7 | RHSA-2025:4437 | 2025-05-05T00:00:00Z |
| eap7-gson-0:2.8.9-1.redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7 | RHSA-2025:4437 | 2025-05-05T00:00:00Z |
| eap7-hal-console-0:3.2.18-1.Final_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7 | RHSA-2025:4437 | 2025-05-05T00:00:00Z |
| eap7-jboss-server-migration-0:1.7.2-14.Final_redhat_00015.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7 | RHSA-2025:4437 | 2025-05-05T00:00:00Z |
| eap7-jboss-xnio-base-0:3.7.14-3.Final_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7 | RHSA-2025:4437 | 2025-05-05T00:00:00Z |
| eap7-wildfly-0:7.3.13-4.GA_redhat_00002.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7 | RHSA-2025:4437 | 2025-05-05T00:00:00Z |
| eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7 | RHSA-2025:4437 | 2025-05-05T00:00:00Z |
| Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8 | |||
| eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8 | RHSA-2022:4919 | 2022-06-06T00:00:00Z |
| Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7 | |||
| eap7-hal-console-0:3.3.12-1.Final_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7 | RHSA-2022:4918 | 2022-06-06T00:00:00Z |
| Red Hat OpenShift Data Foundation 4.11 on RHEL8 | |||
| odf4/mcg-core-rhel8:v4.11.0-30 | cpe:/a:redhat:openshift_data_foundation:4.11::el8 | RHSA-2022:6156 | 2022-08-24T00:00:00Z |
| Red Hat OpenShift distributed tracing 2 | |||
| opentelemetry-collector-container | cpe:/a:redhat:openshift_distributed_tracing:2.6::el8 | RHSA-2022:7055 | 2022-10-19T00:00:00Z |
| opentelemetry-operator-container | cpe:/a:redhat:openshift_distributed_tracing:2.6::el8 | RHSA-2022:7055 | 2022-10-19T00:00:00Z |
| Red Hat Single Sign-On 7 | |||
| Moment.js | cpe:/a:redhat:red_hat_single_sign_on:7.6 | RHSA-2023:1049 | 2023-03-01T00:00:00Z |
| Red Hat Single Sign-On 7.6 for RHEL 7 | |||
| rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el7sso | cpe:/a:redhat:red_hat_single_sign_on:7.6::el7 | RHSA-2023:1043 | 2023-03-01T00:00:00Z |
| Red Hat Single Sign-On 7.6 for RHEL 8 | |||
| rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el8sso | cpe:/a:redhat:red_hat_single_sign_on:7.6::el8 | RHSA-2023:1044 | 2023-03-01T00:00:00Z |
| Red Hat Single Sign-On 7.6 for RHEL 9 | |||
| rh-sso7-keycloak-0:18.0.6-1.redhat_00001.1.el9sso | cpe:/a:redhat:red_hat_single_sign_on:7.6::el9 | RHSA-2023:1045 | 2023-03-01T00:00:00Z |
| RHEL-8 based Middleware Containers | |||
| rh-sso-7/sso76-openshift-rhel8:7.6-20 | cpe:/a:redhat:rhosemc:1.0::el8 | RHSA-2023:1047 | 2023-03-01T00:00:00Z |
| RHPAM 7.13.1 async | |||
| Moment.js | cpe:/a:redhat:jboss_enterprise_bpms_platform:7.13 | RHSA-2022:6813 | 2022-10-05T00:00:00Z |
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 Debian DLA |
DLA-3295-1 | node-moment security update |
 EUVD |
EUVD-2022-1677 | Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm (server) users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This problem is patched in 2.29.2, and the patch can be applied to all affected versions. As a workaround, sanitize the user-provided locale name before passing it to Moment.js. |
 Github GHSA |
GHSA-8hfj-j24r-96c4 | Path Traversal: 'dir/../../filename' in moment.locale |
 Ubuntu USN |
USN-5559-1 | Moment.js vulnerabilities |
References
History
Mon, 03 Nov 2025 22:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Sun, 13 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Mon, 05 May 2025 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7 |
Mon, 28 Apr 2025 15:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Redhat jboss Enterprise Application Platform Eus
|
|
| CPEs | cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7 | |
| Vendors & Products |
Redhat jboss Enterprise Application Platform Eus
|
Wed, 23 Apr 2025 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Sun, 08 Sep 2024 18:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:/a:redhat:acm:2.4::el8 cpe:/a:redhat:acm:2.5::el8 |
Mon, 19 Aug 2024 22:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:/a:redhat:acm:2.5::el8 |
Subscriptions
Debian
Subscribe
Debian Linux
Subscribe
Fedoraproject
Subscribe
Fedora
Subscribe
Momentjs
Subscribe
Moment
Subscribe
Netapp
Subscribe
Active Iq
Subscribe
Redhat
Subscribe
Acm
Subscribe
Ceph Storage
Subscribe
Jboss Enterprise Application Platform
Subscribe
Jboss Enterprise Application Platform Eus
Subscribe
Jboss Enterprise Bpms Platform
Subscribe
Jboss Fuse
Subscribe
Openshift Data Foundation
Subscribe
Openshift Distributed Tracing
Subscribe
Red Hat Single Sign On
Subscribe
Rhosemc
Subscribe
Service Mesh
Subscribe
Tenable
Subscribe
Tenable.sc
Subscribe
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2025-11-03T21:46:06.689Z
Reserved: 2022-02-10T00:00:00.000Z
Link: CVE-2022-24785
Vulnrichment
Updated: 2025-11-03T21:46:06.689Z
NVD
Status : Modified
Published: 2022-04-04T17:15:07.583
Modified: 2025-11-03T22:15:57.280
Link: CVE-2022-24785
Redhat
OpenCVE Enrichment
No data.