Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2024/04/12 11:7 a.m.2 views

OESA-2024-1402 nodejs-qs security update

This is a query string parser for node and the browser supporting nesting, as it was removed from 0.3.x, so this library provides the previous and commonly desired behavior and twice as fast. Used by express, connect and others. Security Fixes: qs before 6.10.3, as used in Express before 4.17.3 a...

7.5CVSS7AI score0.01543EPSS
Exploits2References2
OpenVAS
OpenVASadded 2023/03/28 12:0 a.m.30 views

Mageia: Security Advisory (MGASA-2023-0053)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.8AI score0.01543EPSS
Exploits2References5
RedHat Linux
RedHat Linuxadded 2017/09/07 2:30 p.m.1 views

nodejs-qs: Prototype override protection bypass

It was found that ljharb's qs module for Node.js did not properly parse query strings. An attacker could send a specially crafted query that overwrites the resulting object's prototype properties such as toString or hasOwnProperty, resulting in a denial of service when the overwritten function...

7.5CVSS7.1AI score0.00808EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2016/07/05 6:25 a.m.2 views

nodejs-qs: Denial-of-Service Memory Exhaustion

The nodejs-qs module has the ability to create sparse arrays during parsing. By specifying a high index in a querystring parameter it is possible to create a large array that will eventually take up all the allocated memory of the running process, resulting in a crash...

5CVSS7.1AI score0.0069EPSS
Exploits0References4
OpenVAS
OpenVASadded 2014/10/07 12:0 a.m.24 views

Fedora Update for nodejs-qs FEDORA-2014-11376

Check the version of nodejs-qs SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868364";...

5CVSS8.7AI score0.0069EPSS
Exploits0References2
OpenVAS
OpenVASadded 2014/10/07 12:0 a.m.27 views

Fedora Update for nodejs-qs FEDORA-2014-11399

Check the version of nodejs-qs SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868363";...

5CVSS8.7AI score0.0069EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2014/09/29 12:0 a.m.31 views

Fedora 21 : nodejs-qs-0.6.6-3.fc21 (2014-11309)

The qs module has the ability to create sparse arrays during parsing. By specifying a high index it is possible to create a large array that will eventually take up all the allocated memory of the running process, resulting in a crash. More information:...

5.4AI score
Exploits0References3
Rows per page
Query Builder