mirror/NetAlertX
1
0
Fork 0
mirror of https://github.com/jokob-sk/NetAlertX.git synced 2026-05-23 16:20:35 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1647 from npt-1707/fix_CVE-2022-24785

Browse Source 
Fix potentially vulnerable cloned function
This commit is contained in:
Jokob @NetAlertX
2026-05-18 12:18:45 +10:00
committed by GitHub
parent f0684c66c2 35dc9f9fa0
commit 9eaaf50caf
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
front/lib/moment/moment.js
View File

@@ -1842,11 +1842,16 @@
return globalLocale;
}
function isLocaleNameSane(name) {
// Prevent names that look like filesystem paths, i.e contain '/' or '\'
return name.match('^[^/\\\\]*$') != null;
}
function loadLocale(name) {
var oldLocale = null;
// TODO: Find a better way to register and load all the locales in Node
if (!locales[name] && (typeof module !== 'undefined') &&
module && module.exports) {
module && module.exports && isLocaleNameSane(name)) {
try {
oldLocale = globalLocale._abbr;
var aliasedRequire = require;