Lucene search
+L

216 matches found

CVE
CVE
added 2017/07/13 8:0 p.m.111 views

CVE-2017-1000048

CVE-2017-1000048 applies to ljharb’s qs module; older versions v6.0.4, v6.1.2, v6.2.3 and v6.3.1 (i.e., older than v6.3.2) are vulnerable to a DoS where a malicious request can crash the application. The connected documents corroborate a Denial of Service impact via input handling in qs, and indi...

7.5CVSS7.2AI score0.02395EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2016/07/05 6:25 a.m.7 views

nodejs-qs: Denial-of-Service Memory Exhaustion

The nodejs-qs module has the ability to create sparse arrays during parsing. By specifying a high index in a querystring parameter it is possible to create a large array that will eventually take up all the allocated memory of the running process, resulting in a crash...

5CVSS7.1AI score0.08309EPSS
Exploits0References4
Node.js
Node.js
added 2015/10/17 7:41 p.m.45 views

Denial-of-Service Memory Exhaustion

Overview Versions prior to 1.0 of qs are affected by a denial of service condition. This condition is triggered by parsing a crafted string that deserializes into very large sparse arrays, resulting in the process running out of memory and eventually crashing. Recommendation Update to version 1.0...

5CVSS3.1AI score0.08309EPSS
Exploits0Affected Software1
Node.js
Node.js
added 2015/10/17 7:41 p.m.68 views

Denial-of-Service Extended Event Loop Blocking

Overview Versions prior to 1.0.0 of qs are affected by a denial of service vulnerability that results from excessive recursion in parsing a deeply nested JSON string. Recommendation Update to version 1.0.0 or later References GitHub Advisory...

5CVSS4.8AI score0.01286EPSS
Exploits0Affected Software1
NVD
NVD
added 2014/10/19 1:55 a.m.16 views

CVE-2014-7191

The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service memory consumption by using a large index value to create a sparse array...

5CVSS8.3AI score0.08309EPSS
Exploits0References10
OSV
OSV
added 2014/10/19 1:55 a.m.4 views

DEBIAN-CVE-2014-7191

The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service memory consumption by using a large index value to create a sparse array...

5CVSS7.2AI score0.08309EPSS
Exploits0References1
Prion
Prion
added 2014/10/19 1:55 a.m.24 views

Design/Logic Flaw

The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service memory consumption by using a large index value to create a sparse array...

5CVSS7AI score0.08309EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2014/10/19 1:55 a.m.4 views

UBUNTU-CVE-2014-7191

The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service memory consumption by using a large index value to create a sparse array...

5CVSS7.1AI score0.08309EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2014/10/19 1:55 a.m.32 views

CVE-2014-7191

The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service memory consumption by using a large index value to create a sparse array...

5CVSS7.1AI score0.08309EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2014/10/19 1:0 a.m.59 views

CVE-2014-7191

The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service memory consumption by using a large index value to create a sparse array...

5CVSS7.1AI score0.08309EPSS
Exploits0
Cvelist
Cvelist
added 2014/10/19 1:0 a.m.36 views

CVE-2014-7191

The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service memory consumption by using a large index value to create a sparse array...

8.2AI score0.08309EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2014/10/07 12:0 a.m.25 views

Fedora Update for nodejs-qs FEDORA-2014-11376

Check the version of nodejs-qs SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868364";...

5CVSS8.7AI score0.08309EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2014/10/07 12:0 a.m.27 views

Fedora Update for nodejs-qs FEDORA-2014-11399

Check the version of nodejs-qs SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868363";...

5CVSS8.7AI score0.08309EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/10/06 12:0 a.m.31 views

Fedora 19 : nodejs-qs-0.6.6-3.fc19 (2014-11399)

The qs module has the ability to create sparse arrays during parsing. By specifying a high index it is possible to create a large array that will eventually take up all the allocated memory of the running process, resulting in a crash. More information:...

5CVSS7.2AI score0.08309EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/10/06 12:0 a.m.27 views

Fedora 20 : nodejs-qs-0.6.6-3.fc20 (2014-11376)

The qs module has the ability to create sparse arrays during parsing. By specifying a high index it is possible to create a large array that will eventually take up all the allocated memory of the running process, resulting in a crash. More information:...

5CVSS7.2AI score0.08309EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/09/29 12:0 a.m.31 views

Fedora 21 : nodejs-qs-0.6.6-3.fc21 (2014-11309)

The qs module has the ability to create sparse arrays during parsing. By specifying a high index it is possible to create a large array that will eventually take up all the allocated memory of the running process, resulting in a crash. More information:...

5.4AI score
Exploits0References3
Rows per page
Query Builder