CVE-2023-25166

formula is a math and string formula parser. In versions prior to 3.0.1 crafted user-provided strings to formula's parser might lead to polynomial execution time and a denial of service. Users should upgrade to 3.0.1+. There are no known workarounds for this vulnerability.
Configurations

Configuration 1 (hide)

cpe:2.3:a:hapi:formula:*:*:*:*:*:node.js:*:*

History

No history.

Information

Published : 2023-02-08 20:15

Updated : 2024-02-28 19:51


NVD link : CVE-2023-25166

Mitre link : CVE-2023-25166

CVE.ORG link : CVE-2023-25166


JSON object : View

Products Affected

hapi

  • formula
CWE
CWE-1333

Inefficient Regular Expression Complexity