CNNVD-202512-4908 Information

CNNVD ID

CNNVD-202512-4908

Related CVE

CVE-2025-15284

• CNNVD Published: 2025-12-29

Description (Chinese)

ljharb qs是美国Jordan Harband个人开发者的一个具有嵌套支持的查询字符串解析器。 ljharb qs 6.14.1之前版本存在安全漏洞，该漏洞源于输入验证不当，可能导致HTTP拒绝服务攻击。

Description (English)

ljharb qs is an embedded search string solver for Jordan Harband personal developers in the United States. There was a security loophole in the previous version of ljharb qs 6.14.1, which stemmed from inadequate input validation and could lead to HTTP refusing service attacks.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-12-29

Last Modified

2026-02-24

References

https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9 https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p

Patch

https://github.com/ljharb/qs/tags