Skip to content

Commit a8bc8bf

Browse files
EugeniyKiyashkoalexslavr
EugeniyKiyashko
and
alexslavr
authored
fix(deps) sbom: qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion [security] (#32103)
Co-authored-by: alexlavrov <[email protected]>
1 parent 934450a commit a8bc8bf

File tree

2 files changed

+7
-5
lines changed

2 files changed

+7
-5
lines changed

packages/sbom/package.json

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,8 @@
99
"pnpm": {
1010
"overrides": {
1111
"body-parser@>=2.2.0 <2.2.1": ">=2.2.1",
12-
"jws@=4.0.0": ">=4.0.1"
12+
"jws@=4.0.0": ">=4.0.1",
13+
"qs": ">=6.14.1"
1314
}
1415
}
1516
}

packages/sbom/pnpm-lock.yaml

Lines changed: 5 additions & 4 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)