Описание
The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service (memory consumption) by using a large index value to create a sparse array.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 2.2.4-1 |
| cosmic | not-affected | 2.2.4-1 |
| devel | not-affected | 2.2.4-1 |
| disco | not-affected | 2.2.4-1 |
| eoan | not-affected | 2.2.4-1 |
| esm-apps/bionic | not-affected | 2.2.4-1 |
| esm-apps/focal | not-affected | 2.2.4-1 |
| esm-apps/jammy | not-affected | 2.2.4-1 |
| esm-apps/xenial | not-affected | 2.2.4-1 |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service (memory consumption) by using a large index value to create a sparse array.
The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service (memory consumption) by using a large index value to create a sparse array.
The qs module before 1.0.0 in Node.js does not call the compact functi ...
EPSS
5 Medium
CVSS2