Moment.js 2.29.4 #9176

Mockabear · 2022-09-05T11:12:20Z

Describe the bug

There is a known vulnerability in Primefaces Elite 11.0.7:

primefaces-11.0.7.jar: moment.js (pkg:javascript/moment.js@2.29.3) : CVE-2022-31129

Reproducer

No response

Expected behavior

No response

PrimeFaces edition

Elite

PrimeFaces version

11.0.7

Theme

No response

JSF implementation

All

JSF version

2.3

Java version

13

Browser(s)

No response

melloware · 2022-09-05T11:39:23Z

Please follow this ticket: #8968 I marked it "elite" but its up to PrimeTek to backport to PF11 etc.

See: https://github.com/primefaces/primefaces#community--elite--pro

Mockabear added ‼️ needs-triage Issue needs triaging 🐞 defect Bug...Something isn't working labels Sep 5, 2022

melloware closed this as completed Sep 5, 2022

melloware added elite This issue is related to an Elite release and removed 🐞 defect Bug...Something isn't working ‼️ needs-triage Issue needs triaging labels Sep 5, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Moment.js 2.29.4 #9176

Moment.js 2.29.4 #9176

Mockabear commented Sep 5, 2022 •

edited

melloware commented Sep 5, 2022

Moment.js 2.29.4 #9176

Moment.js 2.29.4 #9176

Comments

Mockabear commented Sep 5, 2022 • edited

Describe the bug

Reproducer

Expected behavior

PrimeFaces edition

PrimeFaces version

Theme

JSF implementation

JSF version

Java version

Browser(s)

melloware commented Sep 5, 2022

Mockabear commented Sep 5, 2022 •

edited