CVE-2023-25166

formula is a math and string formula parser. In versions prior to 3.0.1 crafted user-provided strings to formula's parser might lead to polynomial execution time and a denial of service. Users should upgrade to 3.0.1+. There are no known workarounds for this vulnerability.
Configurations

Configuration 1

cpe:2.3:a:hapi:formula:*:*:*:*:*:node.js:*:*

Information

Published : 2023-02-08 08:15

Updated : 2023-02-16 07:53


NVD link : CVE-2023-25166

Mitre link : CVE-2023-25166

Products Affected
No products.
CWE
CWE-1333

Inefficient Regular Expression Complexity