formula is a math and string formula parser. In versions prior to 3.0.1 crafted user-provided strings to formula's parser might lead to polynomial execution time and a denial of service. Users should upgrade to 3.0.1+. There are no known workarounds for this vulnerability.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| @sideway/formula(npm) | 0 | 3.0.1 | N/A |
CVSS Metrics
