Upstream information

CVE-2017-1000048 at MITRE


the web framework using ljharb's qs module older than v6.3.2, v6.2.3, v6.1.2, and v6.0.4 is vulnerable to a DoS. A malicious user can send a evil request to cause the web framework crash.

SUSE information

SUSE Bugzilla entry: 1082320

No SUSE Security Announcements cross referenced.