Posted on

moment Package up to 2.11.1 on Node.js Regex duration CPU Exhaustion denial of service

A vulnerability was found in moment Package up to 2.11.1 on Node.js (JavaScript Library). It has been declared as problematic. This vulnerability affects the function duration of the component Regex Handler. Upgrading to version 2.11.2 eliminates this vulnerability. A possible mitigation has been published 2 years after the disclosure of the vulnerability.