Liquidjs
Monthly
{{ huge_array | pop }}` trigger an O(N) full clone of an attacker-influenced array that bypasses the engine's configured memoryLimit budget, enabling denial of service through memory exhaustion. The `pop` array filter in src/filters/array.ts clones its input via `[...toArray(v)]` without routing the allocation through `this.context.memoryLimit.use(...)`, so the safety guard applications rely on is silently defeated. There is no public exploit identified at time of analysis, EPSS/KEV data was not supplied, and the impact is limited to availability (no confidentiality or integrity loss).
liquidjs is a Shopify / GitHub Pages compatible template engine in pure JavaScript. versions up to 10.25.0 is affected by path traversal.
The package liquidjs before 10.0.0 are vulnerable to Information Exposure when ownPropertyOnly parameter is set to False, which results in leaking properties of a prototype. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
{{ huge_array | pop }}` trigger an O(N) full clone of an attacker-influenced array that bypasses the engine's configured memoryLimit budget, enabling denial of service through memory exhaustion. The `pop` array filter in src/filters/array.ts clones its input via `[...toArray(v)]` without routing the allocation through `this.context.memoryLimit.use(...)`, so the safety guard applications rely on is silently defeated. There is no public exploit identified at time of analysis, EPSS/KEV data was not supplied, and the impact is limited to availability (no confidentiality or integrity loss).
liquidjs is a Shopify / GitHub Pages compatible template engine in pure JavaScript. versions up to 10.25.0 is affected by path traversal.
The package liquidjs before 10.0.0 are vulnerable to Information Exposure when ownPropertyOnly parameter is set to False, which results in leaking properties of a prototype. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.