Denial-of-Service Extended Event Loop Blockingqs
Versions prior to 1.0.0 of
qs are affected by a denial of service vulnerability that results from excessive recursion in parsing a deeply nested JSON string.
Update to version 1.0.0 or later
Have content suggestions? Send them to [email protected]
publishedAdvisory publishedAug 6th, 2014
reportedInitial report by Tom SteeleOct 17th, 2015