Lucene search
PRIOn knowledge basePRION:CVE-2014-7191HistoryOct 19, 2014 - 1:55 a.m.
Design/Logic Flaw
2014-10-1901:55:00
PRIOn knowledge base
www.prio-n.com
9
The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service (memory consumption) by using a large index value to create a sparse array.
References
secunia.com/advisories/60026
secunia.com/advisories/62170
www-01.ibm.com/support/docview.wss?uid=swg21685987
www-01.ibm.com/support/docview.wss?uid=swg21687263
www-01.ibm.com/support/docview.wss?uid=swg21687928
access.redhat.com/errata/RHSA-2016:1380
exchange.xforce.ibmcloud.com/vulnerabilities/96729
github.com/raymondfeng/node-querystring/commit/43a604b7847e56bba49d0ce3e222fe89569354d8
github.com/visionmedia/node-querystring/issues/104
nodesecurity.io/advisories/qs_dos_memory_exhaustion
Related
osv
osv
Denial-of-Service Memory Exhaustion in qs
2017-10-24 18:33:36
cvelist
cvelist
CVE-2014-7191
2014-10-19 01:00:00
nessus
nessus
Fedora 19 : nodejs-qs-0.6.6-3.fc19 (2014-11399)
2014-10-06 00:00:00
Fedora 20 : nodejs-qs-0.6.6-3.fc20 (2014-11376)
2014-10-06 00:00:00
redhat
redhat
debiancve
debiancve
CVE-2014-7191
2014-10-19 01:55:21
fedora
fedora
[SECURITY] Fedora 19 Update: nodejs-qs-0.6.6-3.fc19
2014-10-06 05:04:26
[SECURITY] Fedora 20 Update: nodejs-qs-0.6.6-3.fc20
2014-10-06 05:04:59
ibm
ibm
openvas
openvas
Fedora Update for nodejs-qs FEDORA-2014-11376
2014-10-07 00:00:00
Fedora Update for nodejs-qs FEDORA-2014-11399
2014-10-07 00:00:00
ubuntucve
ubuntucve
CVE-2014-7191
2014-10-19 00:00:00
nodejs
nodejs
Denial-of-Service Memory Exhaustion
2015-10-17 19:41:46
veracode
veracode
Denial Of Service (DoS) Memory Consumption
2019-01-15 09:12:08
nvd
nvd
CVE-2014-7191
2014-10-19 01:55:21
cve
cve
CVE-2014-7191
2014-10-19 01:55:21
github
github
Denial-of-Service Memory Exhaustion in qs
2017-10-24 18:33:36