[security] CVE-2021-44907 - vulnerability in qs up to 6.8.0

ljharb / qs

A querystring parser with nesting support

BSD 3-Clause "New" or "Revised" License

8.54k stars 728 forks source link

[security] CVE-2021-44907 - vulnerability in qs up to 6.8.0 #438

Closed borisLipmanovich closed 2 years ago

borisLipmanovich commented 2 years ago

Hi, There is a new vulnerability issue in qs up to 6.8.0 https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-44907

ljharb commented 2 years ago

No, there isn't. This is a duplicate of #436, which explains how this is not a vulnerability, and how this irresponsibly disclosed non-issue isn't actually an issue, and that the CVE should be invalidated.