hapijs/formula on GitHub
Math and string operations
CVE History
CVE | Published | CVSS v2 | CVSS v3 |
---|---|---|---|
CVE-2023-25166 | 6.5 MEDIUM | N/A | |
formula is a math and string formula parser. In versions prior to 3.0.1 crafted user-provided strings to formula's parser might lead to polynomial execution time and a denial of service. Users should upgrade to 3.0.1+. There are no known workarounds for this vulnerability. |