TROYANOSYVIRUS
Volver a CVEs

CVE-2026-34166

LOW
3.7

Descripcion

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, the replace filter in LiquidJS incorrectly accounts for memory usage when the memoryLimit option is enabled. It charges str.length + pattern.length + replacement.length bytes to the memory limiter, but the actual output from str.split(pattern).join(replacement) can be quadratically larger when the pattern occurs many times in the input string. This allows an attacker who controls template content to bypass the memoryLimit DoS protection with approximately 2,500x amplification, potentially causing out-of-memory conditions. This vulnerability is fixed in 10.25.3.

Detalles CVE

Puntuacion CVSS v3.13.7
SeveridadLOW
Vector CVSSCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Vector de ataqueNETWORK
ComplejidadHIGH
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado4/8/2026
Ultima modificacion4/10/2026
Fuentenvd
Avistamientos honeypot0

Productos afectados

liquidjs:liquidjs

Debilidades (CWE)

CWE-400

Referencias

https://github.com/harttle/liquidjs/commit/abc058be0f33d6372cd2216f4945183167abeb25(security-advisories@github.com)
https://github.com/harttle/liquidjs/releases/tag/v10.25.3(security-advisories@github.com)
https://github.com/harttle/liquidjs/security/advisories/GHSA-mmg9-6m6j-jqqx(security-advisories@github.com)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.