CVE-2023-25166

Name of the Vulnerable Software and Affected Versions formula versions prior to 3.0.1

Description The issue arises when crafted user-provided strings are parsed by the formula parser, potentially leading to polynomial execution time and a denial of service. There are no known workarounds for this issue.

Recommendations For versions prior to 3.0.1, users should upgrade to 3.0.1 or later to resolve the issue. As a temporary workaround, consider restricting the input to the formula parser to minimize the risk of exploitation.