Lucene search
K

136 matches found

Vulnrichment
Vulnrichment
added 2026/05/09 4:3 a.m.9 views

CVE-2026-41311 LiquidJS is vulnerable to Denial of Service via circular block reference in layout

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.7, a circular block reference in % layout % / % block % causes an infinite recursive loop, consuming all available memory 4GB and crashing the Node.js process with FATAL ERROR: JavaScript he...

7.5CVSS5.7AI score0.00382EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/05/09 4:3 a.m.5 views

CVE-2026-41311

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.7, a circular block reference in % layout % / % block % causes an infinite recursive loop, consuming all available memory 4GB and crashing the Node.js process with FATAL ERROR: JavaScript he...

7.5CVSS5.7AI score0.00382EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/05/09 4:3 a.m.12 views

EUVD-2026-28886

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.7, a circular block reference in % layout % / % block % causes an infinite recursive loop, consuming all available memory 4GB and crashing the Node.js process with FATAL ERROR: JavaScript he...

7.5CVSS5.7AI score0.00382EPSS
Exploits1References3
CVE
CVE
added 2026/05/09 4:3 a.m.26 views

CVE-2026-41311

Vulnerability: CVE-2026-41311 affects LiquidJS (Shopify/GitHub Pages compatible template engine). Before 10.25.7, a circular reference in {% layout %} / {% block %} can trigger infinite recursion, exhausting memory (~4 GB) and crashing the Node.js process. Impact: Denial of Service from user-subm...

7.5CVSS5.7AI score0.00382EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/05/09 4:3 a.m.70 views

CVE-2026-41311 LiquidJS is vulnerable to Denial of Service via circular block reference in layout

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.7, a circular block reference in % layout % / % block % causes an infinite recursive loop, consuming all available memory 4GB and crashing the Node.js process with FATAL ERROR: JavaScript he...

7.5CVSS0.00382EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/05/09 12:0 a.m.10 views

liquidjs 安全漏洞

liquidjs is a simple, expressive, secure and Shopify-compatible pure JavaScript template engine by Jun Yang, a personal developer. A security vulnerability exists in liquidjs versions prior to 10.25.7, which stems from a circular block reference that leads to an infinite recursive loop, consuming...

7.5CVSS5.8AI score0.00382EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2026/04/24 3:34 p.m.8 views

@11ty/eleventy (=3.0.0-alpha.16), @agiflowai/aicode-toolkit (>=0.6.0 <=1.1.0) +93 more potentially affected by CVE-2026-41311 via liquidjs (>=10.10.0 <=10.25.6)

liquidjs NPM version =10.10.0, =0.6.0, =0.1.0, =0.0.0, =0.5.5, =0.8.0, =1.0.1, =1.6.3, =3.11.0, =3.11.0, =3.11.0, =1.0.0-beta.1, =1.0.0-beta.4 - @clairview/api =23.1.0 and more Source cves: CVE-2026-41311 Source advisory: OSV:GHSA-4RC3-7J7W-M548...

7.5CVSS5.7AI score0.00382EPSS
Exploits1
Snyk
Snyk
added 2026/04/24 3:34 p.m.5 views

Uncontrolled Recursion

Overview liquidjs is an A simple, expressive, safe and Shopify compatible template engine in pure JavaScript. Affected versions of this package are vulnerable to Uncontrolled Recursion through a circular reference in the block.ts during OUTPUT mode. An attacker can cause the application to enter ...

8.7CVSS5.4AI score0.00382EPSS
Exploits1References2
OSV
OSV
added 2026/04/24 3:34 p.m.4 views

GHSA-4RC3-7J7W-M548 liquidjs has a Denial of Service via circular block reference in layout

Summary A circular block reference in % layout % / % block % causes an infinite recursive loop, consuming all available memory 4GB and crashing the Node.js process with FATAL ERROR: JavaScript heap out of memory. This allows any user who can submit a Liquid template to perform a Denial of Service...

7.5CVSS5.5AI score0.00382EPSS
Exploits1References5
Veracode
Veracode
added 2026/04/16 8:59 a.m.12 views

Path Traversal

LiquidJS is vulnerable to Path Traversal. The vulnerability is due to the top-level file loads not enforcing the boundary set by the configured root, where a Liquid instance configured with an empty temporary directory as root can return the contents of arbitrary files and attackers can exploit...

7.5CVSS5.8AI score0.00447EPSS
Exploits0References4Affected Software1
Veracode
Veracode
added 2026/04/16 8:45 a.m.7 views

Memory Limit Bypass

LiquidJS is vulnerable to Memory Limit Bypass. The vulnerability is due to the replace filter incorrectly accounting for memory usage when the memoryLimit option is enabled, where an attacker who controls template content can bypass the memoryLimit DoS protection with approximately 2,500x...

5.3CVSS5.8AI score0.00495EPSS
Exploits1References4Affected Software1
Veracode
Veracode
added 2026/04/16 7:36 a.m.8 views

Path Traversal

LiquidJS is vulnerable to Path Traversal. The vulnerability is due to the path-based check for partial and layout roots, where a symlink to a file outside the allowed root can be loaded if it is placed inside an allowed partials or layouts directory, and attackers can exploit this by placing...

8.2CVSS5.8AI score0.00396EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/11 1:21 a.m.4 views

CVE-2026-39859

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, liquidjs 10.25.0 documents root as constraining filenames passed to renderFile and parseFile, but top-level file loads do not enforce that boundary. A Liquid instance configured with an empty...

7.5CVSS5.9AI score0.00447EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/11 1:21 a.m.4 views

CVE-2026-34166

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, the replace filter in LiquidJS incorrectly accounts for memory usage when the memoryLimit option is enabled. It charges str.length + pattern.length + replacement.length bytes to the memory limite...

5.3CVSS5.8AI score0.00495EPSS
Exploits1References1
NVD
NVD
added 2026/04/08 8:16 p.m.3 views

CVE-2026-39859

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, liquidjs 10.25.0 documents root as constraining filenames passed to renderFile and parseFile, but top-level file loads do not enforce that boundary. A Liquid instance configured with an empty...

7.5CVSS0.00447EPSS
Exploits0References1
NVD
NVD
added 2026/04/08 8:16 p.m.4 views

CVE-2026-39412

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.4, the sortnatural filter bypasses the ownPropertyOnly security option, allowing template authors to extract values of prototype-inherited properties through a sorting side-channel attack...

7.5CVSS0.00403EPSS
Exploits1References4
NVD
NVD
added 2026/04/08 8:16 p.m.4 views

CVE-2026-35525

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, for % include %, % render %, and % layout %, LiquidJS checks whether the candidate path is inside the configured partials or layouts roots before reading it. That check is path-based, not...

8.2CVSS0.00396EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/04/08 7:45 p.m.25 views

CVE-2026-39859 LiquidJS has a renderFile() / parseFile() bypass configured root and allow arbitrary file read

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, liquidjs 10.25.0 documents root as constraining filenames passed to renderFile and parseFile, but top-level file loads do not enforce that boundary. A Liquid instance configured with an empty...

6.3CVSS0.00447EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/08 7:45 p.m.3 views

CVE-2026-39859 LiquidJS has a renderFile() / parseFile() bypass configured root and allow arbitrary file read

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, liquidjs 10.25.0 documents root as constraining filenames passed to renderFile and parseFile, but top-level file loads do not enforce that boundary. A Liquid instance configured with an empty...

6.3CVSS5.9AI score0.00447EPSS
Exploits0References1
CVE
CVE
added 2026/04/08 7:45 p.m.24 views

CVE-2026-39859

LiquidJS (liquidjs) has a path traversal vulnerability in renderFile()/parseFile() where top-level file loads do not enforce the configured root boundary, allowing access to arbitrary local files when root is empty. Affected versions are before 10.25.3; the issue is fixed in 10.25.3 (per NVD/Red ...

7.5CVSS6AI score0.00447EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder