Описание
Qwik is a performance focused javascript framework. Prior to version 1.12.0, a typo in the regular expression within isContentType causes incorrect parsing of certain Content-Type headers. This issue has been patched in version 1.12.0.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| qwik | removed | package |
Связанные уязвимости
CVSS3: 5.9
nvd
4 дня назад
Qwik is a performance focused javascript framework. Prior to version 1.12.0, a typo in the regular expression within isContentType causes incorrect parsing of certain Content-Type headers. This issue has been patched in version 1.12.0.
CVSS3: 5.9
github
4 дня назад
Qwik City CSRF protection middleware does not work properly for content type header with parameters (eg. multipart/form-data)