[JSDSERVER-14768] Upgrade moment library to 2.29.2+ as required for CVE-2022-24785 and CVE-2022-31129

Type: Bug
Resolution: Fixed
Priority: High
Fix Version/s: 5.13.0, 5.12.1, 5.4.13
Affects Version/s: 5.11.1
Component/s: Assets Integration
Labels:

Introduced in Version:
9.11
Support reference count:
4
Symptom Severity:
Severity 1 - Critical
UIS:
15
Bug Fix Policy:
View Atlassian Server bug fix policy

Hi,

Is it possible to upgrade the moment.js library to 2.29.2 on all Jira SM versions? (It seems fixed in for Jira SW as mentioned https://jira.atlassian.com/browse/JRASERVER-75017) In JSM it is still discovered as a vulnerability.

is related to

JRASERVER-75017 Upgrade moment library to 2.29.2+ for LTS version as required for CVE-2022-24785 and CVE-2022-31129

Closed

mentioned in: Page Failed to load; Page Failed to load; Page Failed to load

Form Name

No work has yet been logged on this issue.

Assignee:: Unassigned

Reporter:: Jose Antonio Uribe

Affected customers:: 1 This affects my team

Watchers:: 4 Start watching this issue

Created:: 11/Oct/2023 3:26 PM

Updated:: 07/Mar/2024 7:28 AM

Resolved:: 05/Dec/2023 8:59 AM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates

Backbone Issue Sync