CVE-2016-4055

Reference Links

• https://www.cve.org/CVERecord?id=CVE-2016-4055 https://nvd.nist.gov/vuln/detail/CVE-2016-4055 https://nodesecurity.io/advisories/55
• https://bugzilla.redhat.com/show_bug.cgi?id=1304645
• https://access.redhat.com/security/cve/CVE-2016-4055
• https://github.com/moment/moment/pull/2939
• https://nodesecurity.io/advisories/55
• https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1304649
• http://seclists.org/oss-sec/2016/q2/122
• http://www.openwall.com/lists/oss-security/2016/04/20/11
• http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
• http://www.securityfocus.com/bid/95849
• https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731@%3Cdev.flink.apache.org%3E
• https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49@%3Cuser.flink.apache.org%3E
• https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2@%3Cuser.flink.apache.org%3E
• https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854@%3Cuser.flink.apache.org%3E
• https://www.tenable.com/security/tns-2019-02
• https://exchange.xforce.ibmcloud.com/vulnerabilities/112574
• https://www.ibm.com/support/pages/node/6444037 (Advisory)
• https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854%40%3Cuser.flink.apache.org%3E
• https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731%40%3Cdev.flink.apache.org%3E
• https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49%40%3Cuser.flink.apache.org%3E
• https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2%40%3Cuser.flink.apache.org%3E

Parent vulnerabilities

(Appears in the following advisories)

• IBM-6444037

Frequently Asked Questions

• What is CVE-2016-4055?

  CVE-2016-4055 is a vulnerability in the Node.js moment module that allows remote attackers to cause a denial of service.

• What is the severity of CVE-2016-4055?

  The severity of CVE-2016-4055 is high with a severity value of 6.5.

• How does CVE-2016-4055 affect software?

  CVE-2016-4055 affects the Node.js moment module versions before 2.11.2, Tenable Nessus version up to 8.2.3, and Oracle Primavera Unifier versions between 16.0 and 18.8.4.

• How can CVE-2016-4055 be exploited?

  CVE-2016-4055 can be exploited by using a regular expression to cause the affected application to hang.

• Where can I find more information about CVE-2016-4055?

  More information about CVE-2016-4055 can be found at the following references: [CVE website](https://www.cve.org/CVERecord?id=CVE-2016-4055), [NIST NVD](https://nvd.nist.gov/vuln/detail/CVE-2016-4055), [Node Security Advisories](https://nodesecurity.io/advisories/55), [Red Hat Bugzilla](https://bugzilla.redhat.com/show_bug.cgi?id=1304645), [Red Hat Security](https://access.redhat.com/security/cve/CVE-2016-4055)