[Git][security-tracker-team/security-tracker][master] Add CVE-2022-31129/node-moment

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
472b6aa9 by Salvatore Bonaccorso at 2022-07-13T08:31:35+02:00
Add CVE-2022-31129/node-moment

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11864,7 +11864,10 @@ CVE-2022-31131 (Nextcloud mail is a Mail app for the Nextcloud home server produ
 CVE-2022-31130
 	RESERVED
 CVE-2022-31129 (moment is a JavaScript date library for parsing, validating, manipulat ...)
-	TODO: check
+	- node-moment <unfixed>
+	NOTE: https://github.com/moment/moment/commit/9a3b5894f3d5d602948ac8a02e4ee528a49ca3a3 (2.29.4)
+	NOTE: https://github.com/moment/moment/pull/6015#issuecomment-1152961973
+	NOTE: https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g
 CVE-2022-31128
 	RESERVED
 CVE-2022-31127 (NextAuth.js is a complete open source authentication solution for Next ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/472b6aa9266a7f65a249c44effaa96b1c1d2da00

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/472b6aa9266a7f65a249c44effaa96b1c1d2da00
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220713/c3c68571/attachment.htm>