Moderate severity vulnerability that affects moment

Withdrawn, accidental duplicate publish.

The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a "regular expression Denial of Service (ReDoS)."

Published: Jul 31, 2018
Updated: Apr 14, 2023
GHSA: GHSA-hxf5-mg84-pj4m
Severity: Medium
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
moment	-	2.11.2

No references available.

Vulnerability Database

289,697

Moderate severity vulnerability that affects moment