VYPR

Go modules package

github.com/expr-lang/expr

pkg:golang/github.com/expr-lang/expr

Vulnerabilities (2)

  • CVE-2025-68156Dec 16, 2025
    affected < 1.17.7fixed 1.17.7

    Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including `flatten`, `min`, `max`, `mean`, and `median`, perform recursive traversal over user-provided data structures without enforcing a maximum recursi

  • CVE-2025-29786HigMar 17, 2025
    affected < 1.17.0fixed 1.17.0

    Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree (AST) node for each part of the expression