Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

qs

Ecosystem:
npm
Package URL:
pkg:npm/qs
Total PRs:
19,413 Dependabot PRs
Latest PR:
about 3 hours ago
Unique Repositories:
17,051 repositories
Unique Repos (30 days):
2,687 repositories
Security Advisories
Denial-of-Service Memory Exhaustion in qs
GHSA-jjv7-qpx3-h62q CVE-2014-7191 HIGH published over 8 years ago • updated about 8 hours ago
Versions prior to 1.0 of `qs` are affected by a denial of service condition. This condition is triggered by parsing a crafted string that deseriali...
qs's arrayLimit bypass in comma parsing allows denial of service
GHSA-w7fw-mjwx-w883 CVE-2026-2391 LOW published 21 days ago • updated about 24 hours ago
### Summary The `arrayLimit` option in qs does not enforce limits for comma-separated values when `comma: true` is enabled, allowing attackers to c...
Prototype Pollution Protection Bypass in qs
GHSA-gqgv-6jq5-jjj9 CVE-2017-1000048 HIGH published almost 6 years ago • updated about 8 hours ago
Affected version of `qs` are vulnerable to Prototype Pollution because it is possible to bypass the protection. The `qs.parse` function fails to pr...
qs vulnerable to Prototype Pollution
GHSA-hrpp-h998-j3pp CVE-2022-24999 HIGH published over 3 years ago • updated about 24 hours ago
qs before 6.10.3 allows attackers to cause a Node process hang because an `__ proto__` key can be used. In many typical web framework use cases, an...
Denial-of-Service Extended Event Loop Blocking in qs
GHSA-f9cm-p3w6-xvr3 CVE-2014-10064 HIGH published over 7 years ago • updated about 8 hours ago
Versions prior to 1.0.0 of `qs` are affected by a denial of service vulnerability that results from excessive recursion in parsing a deeply nested ...
View all 6 advisories
Recent PRs (filtered by: Patch PRs )
RSS Feed Clear filter
Upgrade: Bump the npm_and_yarn group across 1 directory with 28 updates

goodgollyholly/hint #26

6.5.3 → 6.5.5 Patch PR
Open about 16 hours ago 2 comments
goodgollyholly
Bump the npm_and_yarn group across 4 directories with 23 updates

ammar-knowledge/storybook #449

6.5.3 → 6.5.5 Patch PR
Open about 17 hours ago 3 comments
ammar-knowledge
Bump the npm_and_yarn group across 17 directories with 17 updates

jgeofil/hash #15

6.5.3 → 6.5.5 Patch PR
Open about 17 hours ago 1 comment
jgeofil
Bump the npm_and_yarn group across 17 directories with 18 updates

jgeofil/hash #14

6.5.3 → 6.5.5 Patch PR
Open about 20 hours ago 1 comment
jgeofil
build(deps): bump the npm_and_yarn group across 1 directory with 11 updates

zym9863/ionic-snake #2

6.14.0 → 6.14.2 Patch PR
Open about 20 hours ago 3 comments
zym9863
Bump the npm_and_yarn group across 1 directory with 4 updates

Teknologforeningen/tf.fi #122

6.14.1 → 6.14.2 Patch PR
Closed about 21 hours ago 1 comment
Teknologforeningen
Bump the npm_and_yarn group across 6 directories with 22 updates

alokkulkarni/backstage #10

6.5.3 → 6.5.5 Patch PR
Closed about 24 hours ago 1 comment
alokkulkarni
Bump the npm_and_yarn group across 6 directories with 21 updates

alokkulkarni/backstage #9

6.5.3 → 6.5.5 Patch PR
Closed 1 day ago 1 comment
alokkulkarni
Bump the npm_and_yarn group across 5 directories with 23 updates

ammar-knowledge/storybook #448

6.5.3 → 6.5.5 Patch PR
Open 1 day ago 3 comments
ammar-knowledge
chore(deps): bump the npm_and_yarn group across 4 directories with 21 updates

bobdavis84/jan #12

6.5.3 → 6.5.5 Patch PR
Closed 1 day ago 1 comment
bobdavis84
Bump the npm_and_yarn group across 6 directories with 21 updates

alokkulkarni/backstage #8

6.5.3 → 6.5.5 Patch PR
Closed 1 day ago 1 comment
alokkulkarni
build(deps): bump the npm_and_yarn group across 4 directories with 17 updates

ASISBusiness/sui #12

6.9.7 → 6.9.9 Patch PR
Open 1 day ago 3 comments
ASISBusiness
chore(deps): bump the npm_and_yarn group across 3 directories with 18 updates

paulpham157/jan #15

6.5.3 → 6.5.5 Patch PR
Closed 1 day ago 1 comment
paulpham157
chore(deps): bump the npm_and_yarn group across 4 directories with 17 updates

adrmarty/sui #14

6.9.7 → 6.9.9 Patch PR
Closed 1 day ago 1 comment
adrmarty
chore(deps): bump the npm_and_yarn group across 2 directories with 3 updates

EPFL-ENAC/co2-calculator #554

6.14.1 → 6.14.2 Patch PR
Closed 1 day ago 2 comments
EPFL-ENAC
Bump qs from 6.5.2 to 6.5.5

danilomourelle/Whats4 #25

6.5.2 → 6.5.5 Patch PR
Closed 2 days ago 1 comment
danilomourelle
chore(deps): bump qs and verdaccio

relative-ci/agent #1684

6.14.0 → 6.14.2 Patch PR
Open 2 days ago 1 comment
relative-ci
Bump the npm_and_yarn group across 5 directories with 30 updates

LelandParker/dbgate #15

6.5.3 → 6.5.5 Patch PR
Closed 2 days ago 1 comment
LelandParker
chore(deps): bump the npm_and_yarn group across 1 directory with 2 updates

trizist/shields #10

6.14.0 → 6.14.2 Patch PR
Closed 2 days ago 1 comment
trizist
build(deps): bump the npm_and_yarn group across 12 directories with 14 updates

twcctz200/sentry-javascript #55

6.5.3 → 6.5.5 Patch PR
Closed 2 days ago 1 comment
twcctz200
Bump qs from 6.14.1 to 6.14.2

catenax-eV/catenax-ev.github.io #280

6.14.1 → 6.14.2 Patch PR
Open 2 days ago 4 comments
catenax-eV
chore(deps): bump the npm_and_yarn group across 4 directories with 12 updates

jubenitogarcia/skincos #315

6.14.1 → 6.14.2 Patch PR
Closed 3 days ago 1 comment
jubenitogarcia
Bump the npm_and_yarn group across 6 directories with 13 updates

Kuadrant/kuadrant-backstage-plugin #259

6.5.3 → 6.5.5 Patch PR
Closed 3 days ago 1 comment
Kuadrant
Bump the npm_and_yarn group across 4 directories with 22 updates

ammar-knowledge/storybook #438

6.5.3 → 6.5.5 Patch PR
Open 3 days ago 3 comments
ammar-knowledge
build(deps): bump the npm_and_yarn group across 7 directories with 27 updates

sumonst21/amplify-cli #24

6.5.2 → 6.5.5 Patch PR
Closed 3 days ago 1 comment
sumonst21
Bump the npm_and_yarn group across 4 directories with 22 updates

ammar-knowledge/storybook #436

6.5.3 → 6.5.5 Patch PR
Open 3 days ago 3 comments
ammar-knowledge
chore(deps): bump the npm_and_yarn group across 3 directories with 32 updates

alexis-opolka/standardnote-app #1

6.5.3 → 6.5.5 Patch PR
Closed 4 days ago 1 comment
alexis-opolka
build(deps): bump qs from 6.14.1 to 6.14.2 in /courses/content/assets/code/genkit-workshop/module3/functions

xavidop/courses #39

6.14.1 → 6.14.2 Patch PR
Open 4 days ago 1 comment
xavidop
Chore(deps): Bump qs from 6.14.1 to 6.14.2 in /docs

hashgraph/stablecoin-studio #1414

6.14.1 → 6.14.2 Patch PR
Open 4 days ago 2 comments
hashgraph
Bump the npm_and_yarn group across 19 directories with 3 updates

ankit1180/Mobile-and-AI-Training #30

6.14.1 → 6.14.2 Patch PR
Closed 4 days ago 1 comment
ankit1180
chore(deps): bump the npm_and_yarn group across 4 directories with 4 updates

SPHTech/kratos #9

6.14.1 → 6.14.2 Patch PR
Closed 4 days ago 1 comment
SPHTech
Bump the npm_and_yarn group across 1 directory with 28 updates

agustinusnathaniel/core #1

6.5.2 → 6.5.5 Patch PR
Open 4 days ago 1 comment
agustinusnathaniel
Bump the npm_and_yarn group across 1 directory with 3 updates

Teknologforeningen/tf.fi #121

6.14.1 → 6.14.2 Patch PR
Closed 4 days ago 1 comment
Teknologforeningen
Bump the npm_and_yarn group across 3 directories with 21 updates

ammar-knowledge/storybook #433

6.5.3 → 6.5.5 Patch PR
Open 4 days ago 3 comments
ammar-knowledge
chore(deps): bump qs from 6.14.1 to 6.14.2 in the npm_and_yarn group across 1 directory

EthanThePhoenix38/GatsbyBlog #25

6.14.1 → 6.14.2 Patch PR
Closed 4 days ago 2 comments
EthanThePhoenix38
chore(deps): bump the npm_and_yarn group across 4 directories with 17 updates

adrmarty/sui #13

6.9.7 → 6.9.9 Patch PR
Closed 4 days ago 1 comment
adrmarty
chore(deps): bump the npm_and_yarn group across 4 directories with 20 updates

bobdavis84/jan #10

6.5.3 → 6.5.5 Patch PR
Closed 4 days ago 1 comment
bobdavis84
chore(deps): bump the npm_and_yarn group across 5 directories with 15 updates

passariello/jan #14

6.5.3 → 6.5.5 Patch PR
Closed 4 days ago 1 comment
passariello
chore(deps): bump the npm_and_yarn group across 40 directories with 16 updates

hashim21223445/cypress #130

6.5.2 → 6.5.5 Patch PR
Open 5 days ago 2 comments
hashim21223445
⬆️ Bump the npm_and_yarn group across 2 directories with 6 updates

StanfordBDHG/ENGAGE-HF-Firebase #307

6.14.1 → 6.14.2 Patch PR
Open 5 days ago 1 comment
StanfordBDHG
Bump the npm_and_yarn group across 1 directory with 4 updates

AKJUS/dash.js #75

6.14.1 → 6.14.2 Patch PR
Open 5 days ago 1 comment
AKJUS
chore(deps): bump the npm_and_yarn group across 8 directories with 26 updates

kevinnguyenhoang91/roadie-backstage-plugins #10

6.5.3 → 6.5.5 Patch PR
Closed 5 days ago 1 comment
kevinnguyenhoang91
chore(deps): bump the npm_and_yarn group across 1 directory with 11 updates

AIC-HMV/shields #10

6.14.0 → 6.14.2 Patch PR
Closed 5 days ago 1 comment
AIC-HMV
Bump the npm_and_yarn group across 4 directories with 5 updates

Mattlk13/kotlin #751

6.14.1 → 6.14.2 Patch PR
Closed 5 days ago 1 comment
Mattlk13
Bump the npm_and_yarn group across 1 directory with 4 updates

EmilynnJ/Seer4325 #5

6.14.1 → 6.14.2 Patch PR
Closed 5 days ago 2 comments
EmilynnJ
chore(deps): bump the npm_and_yarn group across 3 directories with 6 updates

qenex-ai/nebula.js #24

6.14.0 → 6.14.2 Patch PR
Closed 5 days ago 1 comment
qenex-ai
Bump the npm_and_yarn group across 2 directories with 2 updates

alejingutierrez/populi_ai_monitor #2

6.14.1 → 6.14.2 Patch PR
Open 5 days ago 1 comment
alejingutierrez
chore(deps): bump the npm_and_yarn group across 2 directories with 2 updates

ramonmirandaa-crypto/convite #3

6.14.1 → 6.14.2 Patch PR
Open 5 days ago 1 comment
ramonmirandaa-crypto
Bump the npm_and_yarn group across 28 directories with 9 updates

LuisitoLuis/firefox #174

6.14.0 → 6.14.2 Patch PR
Closed 5 days ago 1 comment
LuisitoLuis
chore(deps): bump the npm_and_yarn group across 42 directories with 15 updates

karlitos1337/5d #430

6.5.3 → 6.5.5 Patch PR
Closed 5 days ago 1 comment
karlitos1337
Package Details
Name: qs
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/qs
JSON API: View JSON
Security Advisories

6

Active advisories
HIGH 4
MODERATE 1
LOW 1
View All npm Advisories
Package Information
Description:

A querystring parser that supports nesting and arrays, with a depth limit

Repository: https://github.com/ljharb/qs
Homepage: https://github.com/ljharb/qs
Latest Release: 6.14.0
about 1 year ago
Dependent Repos: 2,110,964
Dependent Packages: 15,944
Downloads: 399,573,108
Ranking: Top 0.0137% by dependent repos Top 0.0019% by downloads Top 0.0064% by dependent pkgs
PR Status
Open 5,437 (28.0%)
Merged 322 (1.7%)
Closed 13,370 (68.9%)
PR Types
Removal 64 (0.3%)
Minor 11,916 (61.4%)
Major 44 (0.2%)
Patch 7,075 (36.4%)