sideway/formula is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability exists in index.js
due to regular expression complexity which allows attacker to provide crafted strings to the formula’s parser that might lead to polynomial execution time causing an application crash.
CPE | Name | Operator | Version |
---|---|---|---|
@sideway/formula | eq | 3.0.0 | |
@sideway/formula | eq | 3.0.0 |