Vulnerabilities > QS Project

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-26	CVE-2022-24999	qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. network low complexity qs-project openjsf debian	7.5
2018-05-31	CVE-2014-10064	Resource Management Errors vulnerability in QS Project QS The qs module before 1.0.0 does not have an option or default for specifying object depth and when parsing a string representing a deeply nested object will block the event loop for long periods of time. network low complexity qs-project CWE-399	7.5
2017-07-17	CVE-2017-1000048	Improper Input Validation vulnerability in QS Project QS the web framework using ljharb's qs module older than v6.3.2, v6.2.3, v6.1.2, and v6.0.4 is vulnerable to a DoS. network low complexity qs-project CWE-20	7.5

Vulnerabilities > QS Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"QS Project"}]}