formula is a math and string formula parser. In versions prior to 3.0.1 crafted user-provided strings to formula's parser might lead to polynomial execution time and a denial of service. Users should upgrade to 3.0.1+. There are no known workarounds for this vulnerability.
References
Configurations
History
No history.
Information
Published : 2023-02-08 20:15
Updated : 2024-02-28 19:51
NVD link : CVE-2023-25166
Mitre link : CVE-2023-25166
CVE.ORG link : CVE-2023-25166
JSON object : View
Products Affected
hapi
- formula
CWE
CWE-1333
Inefficient Regular Expression Complexity