pkg:npm/qs

共 7 筆 CVEHIGH3MEDIUM1LOW2

✅ 檢查你的版本

所有已知漏洞

  • HIGH7.5CVE-2022-24999qs vulnerable to Prototype Pollution
    >= 6.10.0, < 6.10.3
  • HIGH7.5CVE-2017-1000048Prototype Pollution Protection Bypass in qs
    from 0, < 6.0.4
  • HIGH7.5CVE-2014-10064Denial-of-Service Extended Event Loop Blocking in qs
    from 0, < 1.0.0
  • MEDIUM5.3CVE-2026-8723qs has a remotely triggerable DoS: qs.stringify crashes with TypeError on null/undefined entries in comma-format arrays when encodeValuesOnly is set
    >= 6.11.1, < 6.15.2
  • LOW3.7CVE-2026-2391qs's arrayLimit bypass in comma parsing allows denial of service
    >= 6.7.0, < 6.14.2
  • LOW3.7CVE-2025-15284qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion
    from 0, < 6.14.1
  • CVE-2014-7191Denial-of-Service Memory Exhaustion in qs
    from 0, < 1.0.0