VYPR
High severityNVD Advisory· Published Oct 19, 2014· Updated Jun 17, 2026

CVE-2014-7191

CVE-2014-7191

Description

The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service (memory consumption) by using a large index value to create a sparse array.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
qsnpm
< 1.0.01.0.0

Affected products

2

Patches

Vulnerability mechanics

References

13

News mentions

0

No linked articles in our index yet.