MEDIUM
Momentjs
CVE published 2017-01-23
CVE-2016-4055
CVE-2016-4055 is a regular expression denial-of-service issue in Moment.js duration handling before version 2.11.2. According to NVD, attacker-controlled long strings can drive excessive CPU consumption and deny service. The NVD record rates the issue Medium (CVSS 6.5) with network attack, low attack complexity, no user interaction, and high availability impact.