Описание
@sideway/formula contains Regular Expression Denial of Service (ReDoS) Vulnerability
Impact
User-provided strings to formula's parser might lead to polynomial execution time.
Patches
Users should upgrade to 3.0.1+.
Workarounds
None.
Пакеты
@sideway/formula
< 3.0.1
3.0.1
Связанные уязвимости
formula is a math and string formula parser. In versions prior to 3.0.1 crafted user-provided strings to formula's parser might lead to polynomial execution time and a denial of service. Users should upgrade to 3.0.1+. There are no known workarounds for this vulnerability.
formula is a math and string formula parser. In versions prior to 3.0.1 crafted user-provided strings to formula's parser might lead to polynomial execution time and a denial of service. Users should upgrade to 3.0.1+. There are no known workarounds for this vulnerability.