PT-2023-19299 · Unknown · Switcher Client
Petruki · Published 2023-02-02 · Updated 2023-02-15 · CVE-2023-23925
CVSS v3.1: 8.6 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
Name of the Vulnerable Software and Affected Versions
Switcher Client versions prior to 3.1.4
Description
The issue arises from unsanitized input flowing into the Strategy match operation, specifically the EXIST operation, where it is used to build a regular expression. This can result in a Regular Expression Denial of Service (ReDoS) attack.
Recommendations
For versions prior to 3.1.4, as a temporary workaround, consider avoiding the use of Strategy settings that utilize REGEX in conjunction with EXIST and NOT EXIST operations until a patch is applied.
Update to version 3.1.4 to resolve the issue.
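The flaw class described above, shown as an added JavaScript example that is not Switcher Client code and not the 3.1.4 patch: caller input compiled directly as regex source, next to a form that treats the input as literal data. The function names, the length cap and the sample values are assumptions made for illustration.

```javascript
// Added illustration. All names here are hypothetical, not the library's API.
const MAX_INPUT_LENGTH = 256; // assumed cap, tune to the longest legitimate input

// Flaw class from the description: input becomes regex source unchanged,
// so the caller decides the pattern and therefore the matching cost.
function existUnsafe(values, input) {
  const re = new RegExp(input); // metacharacters in input are interpreted
  return values.some((v) => re.test(v));
}

// Escape every regex metacharacter so the input can only match literally.
function escapeRegExp(text) {
  return text.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
}

// Hardened form: type and length check first, then compile the escaped text.
function existSafe(values, input) {
  if (typeof input !== 'string' || input.length > MAX_INPUT_LENGTH) {
    return false; // refuse to compile non-string or oversized input
  }
  const re = new RegExp(escapeRegExp(input));
  return values.some((v) => re.test(v));
}

// Constructed sample data
const SAMPLE_VALUES = ['user-01', 'user.02'];

// '.' acts as a wildcard in the unsafe form and as a literal dot in the safe one.
console.log(existUnsafe(SAMPLE_VALUES, 'user.01')); // true  (matches 'user-01')
console.log(existSafe(SAMPLE_VALUES, 'user.01'));   // false (no literal 'user.01')
console.log(existSafe(SAMPLE_VALUES, 'user.02'));   // true
```

Escaping removes the caller's control over the pattern; it does not bound the cost of patterns an administrator configures, which is why the advisory's workaround targets REGEX strategies themselves.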
Exploit
Fix
Resource Exhaustion
DoS
Related identifiers
Affected products
Switcher Client