Lucene search
K

7 matches found

NVD
NVD
added 2026/03/26 1:16 a.m.5 views

CVE-2026-33287

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.1, the replacefirst filter in LiquidJS uses JavaScript's String.prototype.replace which interprets $& as a back reference to the matched substring. The filter only charges memoryLimit for th...

7.5CVSS0.00471EPSS
Exploits1References2
CVE
CVE
added 2026/03/26 12:33 a.m.19 views

CVE-2026-33287

LiquidJS has a vulnerability where the replace_first filter uses String.prototype.replace(), causing $& expansions to inflate output without counting against memoryLimit. This can yield exponential memory amplification (up to ~625,000:1) and denial of service. Publicly documented details show the...

7.5CVSS5.8AI score0.00471EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/03/26 12:33 a.m.4 views

CVE-2026-33287 LiquidJS has Exponential Memory Amplification through its replace_first Filter $& Pattern

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.1, the replacefirst filter in LiquidJS uses JavaScript's String.prototype.replace which interprets $& as a back reference to the matched substring. The filter only charges memoryLimit for th...

7.5CVSS5.9AI score0.00471EPSS
Exploits1References4
Snyk
Snyk
added 2026/03/25 5:44 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview liquidjs is an A simple, expressive, safe and Shopify compatible template engine in pure JavaScript. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the replacefirst function. An attacker can exhaust system memory and disru...

8.7CVSS5.9AI score0.00471EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/25 5:44 p.m.7 views

EUVD-2026-16064

LiquidJS has Exponential Memory Amplification through its replacefirst Filter $& Pattern...

7.5CVSS5.8AI score0.00471EPSS
Exploits1References2
OSV
OSV
added 2026/03/25 5:44 p.m.5 views

GHSA-6Q5M-63H6-5X4V LiquidJS has Exponential Memory Amplification through its replace_first Filter $& Pattern

Summary The replacefirst filter in LiquidJS uses JavaScript's String.prototype.replace which interprets $& as a backreference to the matched substring. The filter only charges memoryLimit for the input string length, not the amplified output. An attacker can achieve exponential memory amplificati...

7.5CVSS6AI score0.00471EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.11 views

PT-2026-28163

Name of the Vulnerable Software and Affected Versions LiquidJS versions prior to 10.25.1 Description LiquidJS is susceptible to a denial of service condition due to insufficient memory limit enforcement within the replace first filter. The filter utilizes JavaScript's String.prototype.replace,...

7.5CVSS5.8AI score0.00471EPSS
Exploits1References5
Rows per page
Query Builder