the web framework using ljharb's qs module older than v6.3.2, v6.2.3, v6.1.2, and v6.0.4 is vulnerable to a DoS. A malicious user can send a evil request to cause the web framework crash.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2017:2672 | |
https://github.com/ljharb/qs/issues/200 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2017:2672 | |
https://github.com/ljharb/qs/issues/200 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 03:04
Type | Values Removed | Values Added |
---|---|---|
References | () https://access.redhat.com/errata/RHSA-2017:2672 - | |
References | () https://github.com/ljharb/qs/issues/200 - Third Party Advisory |
Information
Published : 2017-07-17 13:18
Updated : 2024-11-21 03:04
NVD link : CVE-2017-1000048
Mitre link : CVE-2017-1000048
CVE.ORG link : CVE-2017-1000048
JSON object : View
Products Affected
qs_project
- qs
CWE
CWE-20
Improper Input Validation