Lucene search
K

23 matches found

RedHat Linux
RedHat Linux
added 2026/06/30 12:13 a.m.8 views

qs: qs: Denial of Service via improper input validation in array parsing

A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation e.g., a=value. This bypasses the arrayLimit option, which is designed to limit the size of...

6.3CVSS6.7AI score0.0041EPSS
Exploits1References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 3:12 p.m.11 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in qs-6.14.1.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerability in qs-6.14.1.tgz Vulnerability Details CVEID:CVE-2026-2391 DESCRIPTION: Summary The arrayLimit option in qs does not enforce limits for comma-separated values when comma: true is enabled, allowing attackers to cause denial-of-servic...

7.5CVSS7.1AI score0.00478EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/15 2:21 p.m.10 views

Security Bulletin: A vulnerability in the qs package affects IBM® Db2® Big SQL on IBM Cloud Pak for Data.

Summary A vulnerability in the qs package affects IBM® Db2® Big SQL 8 and earlier on IBM Cloud Pak for Data 5.3.1 and earlier. Vulnerability Details CVEID:CVE-2026-2391 DESCRIPTION: Summary The arrayLimit option in qs does not enforce limits for comma-separated values when comma: true is enabled,...

7.5CVSS7.1AI score0.00478EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/05 10:14 a.m.11 views

Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate Developer Edition

Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate Developer Edition version 2.7.0 Vulnerability Details CVEID:CVE-2025-64756 DESCRIPTION: Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI...

9.8CVSS7.3AI score0.04456EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 12:31 p.m.6 views

Security Bulletin: qs Array Limit Bypass via Comma Parsing Enables Denial of Service

Summary The arrayLimit option in qs does not enforce limits for comma-separated values when comma: true is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in...

7.5CVSS6.8AI score0.00478EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/07 3:44 p.m.5 views

Security Bulletin: DevOps Test Performance contains a vulnerabilty related to use of the qs library

Summary Due to the use of the qs library, DevOps Test Performance and Rational Performance Tester contain a potential denial-of-service vulnerability. Vulnerability Details CVEID:CVE-2026-2391 DESCRIPTION: Summary The arrayLimit option in qs does not enforce limits for comma-separated values when...

7.5CVSS6.4AI score0.00478EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/02/13 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-2391

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Summary The arrayLimit option in qs does not enforce limits for comma-separated values when comma: true is enabled, allowing attackers to cause denial-of-servi...

7.5CVSS6.7AI score0.00478EPSS
Exploits2References4
OSV
OSV
added 2026/02/12 5:4 p.m.1 views

GHSA-W7FW-MJWX-W883 qs's arrayLimit bypass in comma parsing allows denial of service

Summary The arrayLimit option in qs does not enforce limits for comma-separated values when comma: true is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in...

3.7CVSS7.1AI score0.00478EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/02/12 5:4 p.m.14 views

qs's arrayLimit bypass in comma parsing allows denial of service

Summary The arrayLimit option in qs does not enforce limits for comma-separated values when comma: true is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in...

7.5CVSS5.5AI score0.00478EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/02/12 5:17 a.m.4 views

AZL-77597 CVE-2026-2391 affecting package nodejs-nodemon 2.0.3-5

Summary The arrayLimit option in qs does not enforce limits for comma-separated values when comma: true is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in...

7.5CVSS7.1AI score0.00478EPSS
Exploits1References1
OSV
OSV
added 2026/02/12 5:17 a.m.9 views

AZL-77594 CVE-2026-2391 affecting package js-jquery 3.5.0-4

Summary The arrayLimit option in qs does not enforce limits for comma-separated values when comma: true is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in...

7.5CVSS5.8AI score0.00478EPSS
Exploits1References1
OSV
OSV
added 2026/02/12 5:17 a.m.9 views

AZL-77601 CVE-2026-2391 affecting package js-jquery 3.5.0-4

Summary The arrayLimit option in qs does not enforce limits for comma-separated values when comma: true is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in...

7.5CVSS6.6AI score0.00478EPSS
Exploits1References1
NVD
NVD
added 2026/02/12 5:17 a.m.13 views

CVE-2026-2391

Summary The arrayLimit option in qs does not enforce limits for comma-separated values when comma: true is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in...

7.5CVSS0.00478EPSS
Exploits1References2
OSV
OSV
added 2026/02/12 5:17 a.m.8 views

AZL-77616 CVE-2026-2391 affecting package nodejs-nodemon 2.0.3-4

Summary The arrayLimit option in qs does not enforce limits for comma-separated values when comma: true is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in...

7.5CVSS7.1AI score0.00478EPSS
Exploits1References1
OSV
OSV
added 2026/02/12 5:17 a.m.6 views

UBUNTU-CVE-2026-2391

Summary The arrayLimit option in qs does not enforce limits for comma-separated values when comma: true is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in...

7.5CVSS7.1AI score0.00478EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/12 4:39 a.m.3 views

CVE-2026-2391

Summary The arrayLimit option in qs does not enforce limits for comma-separated values when comma: true is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in...

6.3CVSS5.5AI score0.00478EPSS
Exploits2References3
OSV
OSV
added 2026/02/12 4:39 a.m.4 views

CVE-2026-2391 qs's arrayLimit bypass in comma parsing allows denial of service

Summary The arrayLimit option in qs does not enforce limits for comma-separated values when comma: true is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in...

6.3CVSS6AI score0.00478EPSS
Exploits1References6
CVE
CVE
added 2026/02/12 4:39 a.m.87 views

CVE-2026-2391

CVE-2026-2391 : The qs library vulnerability arises when using comma parsing (comma: true). The code bypasses the arrayLimit check by returning val.split(',') before the limit, allowing creation of very large arrays from a single parameter (e.g., ?param=a,b,c with a high density of commas). This ...

7.5CVSS5.5AI score0.00478EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/12 4:39 a.m.7 views

CVE-2026-2391 qs's arrayLimit bypass in comma parsing allows denial of service

Summary The arrayLimit option in qs does not enforce limits for comma-separated values when comma: true is enabled, allowing attackers to cause denial-of-service via memory exhaustion. This is a bypass of the array limit enforcement, similar to the bracket notation bypass addressed in...

6.3CVSS5.5AI score0.00478EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/02/12 12:0 a.m.8 views

PT-2026-7816

Name of the Vulnerable Software and Affected Versions qs affected versions not specified Description The arrayLimit option in the qs library does not correctly enforce limits when parsing comma-separated values with the comma option enabled. This allows attackers to potentially cause a...

7.5CVSS6.5AI score0.00478EPSS
Exploits1References157
Rows per page
Query Builder