VYPR

npm package

@sideway/formula

pkg:npm/%40sideway/formula

Vulnerabilities (1)

  • CVE-2023-25166Feb 8, 2023
    affected < 3.0.1fixed 3.0.1

    formula is a math and string formula parser. In versions prior to 3.0.1 crafted user-provided strings to formula's parser might lead to polynomial execution time and a denial of service. Users should upgrade to 3.0.1+. There are no known workarounds for this vulnerability.