Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

Missing Function Level Access Control in Mozilla formula containsRegular Expression Denial of Service (CVE-2023-25166)

Medium
M
Mozilla
Submitted None

Team Summary

Official summary from Mozilla

sideway/formula package which is used in https://github.com/mozilla/bedrock contains Regular Expression Denial of Service (ReDoS) Vulnerability. The issue was fixed by upgrading the package to a secure version.

Actions:
View on HackerOne
Reported by hackeronanywhere

Report Details

Additional information and metadata

State

Closed

Substate

Resolved

Submitted

Weakness

Uncontrolled Resource Consumption