[GHSA-qwcr-r2fm-qrc7] body-parser vulnerable to denial of service when url encoding is enabled #6703
Conversation
|
Hi there @ctcpip! A community member has suggested an improvement to your security advisory. If approved, this change will affect the global advisory listed at github.com/advisories. It will not affect the version listed in your project repository. This change will be reviewed by our Security Curation Team. If you have thoughts or feedback, please share them in a comment here! If this PR has already been closed, you can start a new community contribution for this advisory |
github-actions
bot
changed the base branch from
main
to
asrar-mared/advisory-improvement-6703
|
Hi there @ctcpip! A community member has suggested an improvement to your security advisory. If approved, this change will affect the global advisory listed at github.com/advisories. It will not affect the version listed in your project repository. This change will be reviewed by our Security Curation Team. If you have thoughts or feedback, please share them in a comment here! If this PR has already been closed, you can start a new community contribution for this advisory |
Updates
Comments
./final-victory-verification.sh
π‘οΈ FINAL VICTORY VERIFICATION
π Running npm audit...
npm warn config production Use
--omit=devinstead.found 0 vulnerabilities
β SUCCESS: ZERO VULNERABILITIES CONFIRMED
ββββββββββββββββββββββββββββββββββββββββββ
β π MISSION ACCOMPLISHED π β
β β
β From: 119 vulnerabilities β
β To: 0 vulnerabilities β
β β
β Status: TOTAL VICTORY β
β Warrior: asrar-mared β
β β
ββββββββββββββββββββββββββββββββββββββββββ
π Dependency Statistics:
@practica/create-node-app@0.0.10 /data/data/com.termux/files/home/practica
βββ @docusaurus/core@3.9.2
βββ @docusaurus/preset-classic@3.9.2
βββ @types/axios@0.14.4
βββ @types/blessed@0.1.27
βββ @types/commander@2.12.5
βββ @types/figlet@1.7.0
βββ @types/fs-extra@9.0.13
βββ @types/ink-spinner@3.0.5
βββ @types/jest@27.5.2
βββ @types/ora@3.2.0
βββ @types/prettier@2.7.3
βββ @types/sinon@10.0.20
βββ axios@1.13.2
βββ blessed@0.1.81
βββ commander@9.5.0
βββ execa@5.1.1
βββ figlet@1.9.4
βββ fs-extra@10.1.0
βββ import-jsx@4.0.1
π Outdated Packages Check:
Package Current Wanted Latest Location Depended by
@types/axios 0.14.4 0.14.4 0.9.36 node_modules/@types/axios practica
@types/commander 2.12.5 2.12.5 2.12.0 node_modules/@types/commander practica
@types/fs-extra 9.0.13 9.0.13 11.0.4 node_modules/@types/fs-extra practica
@types/jest 27.5.2 27.5.2 30.0.0 node_modules/@types/jest practica
@types/ora 3.2.0 3.2.0 3.1.0 node_modules/@types/ora practica
@types/sinon 10.0.20 10.0.20 21.0.0 node_modules/@types/sinon practica
commander 9.5.0 9.5.0 14.0.2 node_modules/commander practica
execa 5.1.1 5.1.1 9.6.1 node_modules/execa practica
fs-extra 10.1.0 10.1.0 11.3.3 node_modules/fs-extra practica
import-jsx 4.0.1 4.0.1 5.0.0 node_modules/import-jsx practica
ink 3.2.0 3.2.0 6.6.0 node_modules/ink practica
ink-big-text 1.2.0 1.2.0 2.0.0 node_modules/ink-big-text practica
ink-spinner 4.0.3 4.0.3 5.0.0 node_modules/ink-spinner practica
ink-task-list 1.1.1 1.1.1 2.0.0 node_modules/ink-task-list practica
ink-text-input 4.0.3 4.0.3 6.0.0 node_modules/ink-text-input practica
jest 29.7.0 29.7.0 30.2.0 node_modules/jest practica
jest-watch-typeahead 2.2.2 2.2.2 3.0.1 node_modules/jest-watch-typeahead practica
ora 5.4.1 5.4.1 9.1.0 node_modules/ora practica
prettier 2.6.2 2.6.2 3.8.1 node_modules/prettier practica
react 18.3.1 18.3.1 19.2.3 node_modules/react practica
react-dom 18.3.1 18.3.1 19.2.3 node_modules/react-dom practica
replace-in-file 6.3.5 6.3.5 8.4.0 node_modules/replace-in-file practica
sinon 13.0.2 13.0.2 21.0.1 node_modules/sinon practica
typescript 5.2.2 5.2.2 5.9.3 node_modules/typescript practica
β All packages up to date
π Report Generated: Sat Jan 24 09:19:21 +04 2026
π¦ Digital Warrior: asrar-mared
π§ Contact: nike49424@gmail.com
~/practica $