CVE-2022-24785

Path Traversal in Moment.js

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm (server) users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This problem is patched in 2.29.2, and the patch can be applied to all affected versions. As a workaround, sanitize the user-provided locale name before passing it to Moment.js.

Moment.js es una librería de fechas en JavaScript para analizar, comprobar, manipular y formatear fechas. Una vulnerabilidad de salto de ruta afecta a usuarios de npm (servidor) de Moment.js entre las versiones 1.0.1 y 2.29.1, especialmente si es usada directamente una cadena de configuración regional proporcionada por el usuario para cambiar la configuración regional de Moment. Este problema está parcheado en la versión 2.29.2, y el parche puede aplicarse a todas las versiones afectadas. Como medida de mitigación, sanee el nombre de la configuración regional proporcionada por el usuario antes de pasarlo a Moment.js

A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.

Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.2 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, cross site scripting, denial of service, deserialization, html injection, memory exhaustion, open redirection, server-side request forgery, and traversal vulnerabilities.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-02-10 CVE Reserved
2022-04-04 CVE Published
2024-08-03 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-27: Path Traversal: 'dir/../../filename'

CAPEC

References (9)

URL	Tag	Source
https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html	Mailing List
https://security.netapp.com/advisory/ntap-20220513-0006	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://github.com/moment/moment/commit/4211bfc8f15746be4019bba557e29a7ba83d54c5	2023-11-07
https://www.tenable.com/security/tns-2022-09	2023-11-07

URL	Date	SRC
https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4	2023-11-07
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q	2023-11-07
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5	2023-11-07
https://access.redhat.com/security/cve/CVE-2022-24785	2023-06-29
https://bugzilla.redhat.com/show_bug.cgi?id=2072009	2023-06-29

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Momentjs Search vendor "Momentjs"		Moment Search vendor "Momentjs" for product "Moment"				>= 1.0.1 < 2.29.2 Search vendor "Momentjs" for product "Moment" and version " >= 1.0.1 < 2.29.2"		node.js		Affected
Momentjs Search vendor "Momentjs"		Moment Search vendor "Momentjs" for product "Moment"				>= 1.0.1 < 2.29.2 Search vendor "Momentjs" for product "Moment" and version " >= 1.0.1 < 2.29.2"		nuget		Affected
Tenable Search vendor "Tenable"		Tenable.sc Search vendor "Tenable" for product "Tenable.sc"				< 5.21.0 Search vendor "Tenable" for product "Tenable.sc" and version " < 5.21.0"		-		Affected
Netapp Search vendor "Netapp"		Active Iq Search vendor "Netapp" for product "Active Iq"				-		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				35 Search vendor "Fedoraproject" for product "Fedora" and version "35"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				36 Search vendor "Fedoraproject" for product "Fedora" and version "36"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0"		-		Affected