Skip to content

Dependency 'qs' security issue #2750

New issue
New issue
Open
#2752
Open
Dependency 'qs' security issue#2750
#2752
Assignees
azizbecha
Labels
dependenciesPull requests that update a dependency filequestionFurther information is requested
@RubberDucky92970

Description

@RubberDucky92970
RubberDucky92970
opened on Dec 31, 2025

Just got notified 'qs' library is marked as a security issue. All qs versions ≤ 6.14.0 are affected. Patched version 6.14.1 apparently is not affected

For more info check out: qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion

I was wondering, is this a legitimate issue for using the react-native-community/cli library?

└─┬ @react-native-community/[email protected]
└─┬ @react-native-community/[email protected]
└─┬ [email protected]
└── [email protected]

Metadata

Metadata

Assignees

Labels

dependenciesPull requests that update a dependency filequestionFurther information is requested

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions