Download
| Alert*
|
oval:org.secpod.oval:def:505041
The qs module for Node.js is a querystring parser that supports nesting and arrays with a depth limit. The following packages have been upgraded to a later upstream version: rh-nodejs6-nodejs-qs . Security Fix: * It was found that ljharb"s qs module for Node.js did not properly parse query strings. ... oval:org.secpod.oval:def:1901558 the web framework using ljharb"s qs module older than v6.3.2, v6.2.3, v6.1.2, and v6.0.4 is vulnerable to a DoS. A malicious user can send a evil request to cause the web framework crash. |
