Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Regular Expression Denial of Service (ReDoS) Vulnerability
Vulnerability Description
formula is a math and string formula parser. In versions prior to 3.0.1 crafted user-provided strings to formula's parser might lead to polynomial execution time and a denial of service. Users should upgrade to 3.0.1+. There are no known workarounds for this vulnerability.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Vulnerability Type
CWE-1333
Vulnerability Title
formula 安全漏洞
Vulnerability Description
formula是hapi.js开源的一个数学和字符串运算库。 formula 3.0.1之前版本存在安全漏洞,该漏洞源于精心制作的字符串输入到公式解析器可能会导致多项式执行时间和拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A