What is CVE-2017-1000048?

CVE-2017-1000048 is a vulnerability in Ljharb qs that allows a remote attacker to cause a denial of service by sending a specially-crafted request.

How does CVE-2017-1000048 affect IBM Security Verify Governance?

CVE-2017-1000048 affects IBM Security Verify Governance version 10.0.

What is the severity of CVE-2017-1000048?

The severity of CVE-2017-1000048 is medium with a CVSS score of 5.3.

How can I fix CVE-2017-1000048?

To fix CVE-2017-1000048, it is recommended to apply the latest security updates or patches provided by the vendor.

Where can I find more information about CVE-2017-1000048?

You can find more information about CVE-2017-1000048 in the following references: [link1](https://exchange.xforce.ibmcloud.com/vulnerabilities/130305) and [link2](https://www.ibm.com/support/pages/node/7047640).

Vulnerability/
CVE-2017-1000048

high

7.5

CWE

1/3/2017

13/7/2017

5/8/2024

CVE-2017-1000048: Input Validation

First published: Wed Mar 01 2017(Updated: )

Ljharb qs is vulnerable to a denial of service. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
IBM Security Verify Governance	<=10.0
IBM Security Verify Governance	=1.0.0
IBM Security Verify Governance	=1.0.1
IBM Security Verify Governance	=1.0.2
IBM Security Verify Governance	=1.1.0
IBM Security Verify Governance	=1.2.0
IBM Security Verify Governance	=1.2.1
IBM Security Verify Governance	=2.3.1
IBM Security Verify Governance	=2.3.2
IBM Security Verify Governance	=2.3.3
IBM Security Verify Governance	=2.4.0
IBM Security Verify Governance	=2.4.1
IBM Security Verify Governance	=2.4.2
IBM Security Verify Governance	=3.0.0
IBM Security Verify Governance	=3.1.0
IBM Security Verify Governance	=4.0.0
IBM Security Verify Governance	=5.0.0
IBM Security Verify Governance	=5.1.0
IBM Security Verify Governance	=5.2.0
IBM Security Verify Governance	=5.2.1
IBM Security Verify Governance	=6.0.0
IBM Security Verify Governance	=6.0.1
IBM Security Verify Governance	=6.0.2
IBM Security Verify Governance	=6.0.3
IBM Security Verify Governance	=6.1.0
IBM Security Verify Governance	=6.1.1
IBM Security Verify Governance	=6.2.0
IBM Security Verify Governance	=6.2.1
IBM Security Verify Governance	=6.2.2
IBM Security Verify Governance	=6.3.0
IBM Security Verify Governance	=6.3.1
redhat/nodejs-qs	<6.4.0	6.4.0
redhat/nodejs-qs	<6.3.2	6.3.2
redhat/nodejs-qs	<6.2.3	6.2.3
redhat/nodejs-qs	<6.1.2	6.1.2
redhat/nodejs-qs	<6.0.4	6.0.4

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-7047640

Frequently Asked Questions

What is CVE-2017-1000048?
CVE-2017-1000048 is a vulnerability in Ljharb qs that allows a remote attacker to cause a denial of service by sending a specially-crafted request.
How does CVE-2017-1000048 affect IBM Security Verify Governance?
CVE-2017-1000048 affects IBM Security Verify Governance version 10.0.
What is the severity of CVE-2017-1000048?
The severity of CVE-2017-1000048 is medium with a CVSS score of 5.3.
How can I fix CVE-2017-1000048?
To fix CVE-2017-1000048, it is recommended to apply the latest security updates or patches provided by the vendor.
Where can I find more information about CVE-2017-1000048?
You can find more information about CVE-2017-1000048 in the following references: [link1](https://exchange.xforce.ibmcloud.com/vulnerabilities/130305) and [link2](https://www.ibm.com/support/pages/node/7047640).

collector/ibm-support
collector/nvd-index
agent/type
agent/last-modified-date
agent/first-publish-date
agent/softwarecombine
agent/severity
agent/weakness
agent/author
agent/references
agent/description
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2017-1000048
agent/software-canonical-lookup
agent/tags
agent/event
collector/mitre-cve
source/MITRE
vendor/ibm
canonical/ibm security verify governance
version/ibm security verify governance/10.0
vendor/qs project
version/ibm security verify governance/1.0.0
version/ibm security verify governance/1.0.1
version/ibm security verify governance/1.0.2
version/ibm security verify governance/1.1.0
version/ibm security verify governance/1.2.0
version/ibm security verify governance/1.2.1
version/ibm security verify governance/2.3.1
version/ibm security verify governance/2.3.2
version/ibm security verify governance/2.3.3
version/ibm security verify governance/2.4.0
version/ibm security verify governance/2.4.1
version/ibm security verify governance/2.4.2
version/ibm security verify governance/3.0.0
version/ibm security verify governance/3.1.0
version/ibm security verify governance/4.0.0
version/ibm security verify governance/5.0.0
version/ibm security verify governance/5.1.0
version/ibm security verify governance/5.2.0
version/ibm security verify governance/5.2.1
version/ibm security verify governance/6.0.0
version/ibm security verify governance/6.0.1
version/ibm security verify governance/6.0.2
version/ibm security verify governance/6.0.3
version/ibm security verify governance/6.1.0
version/ibm security verify governance/6.1.1
version/ibm security verify governance/6.2.0
version/ibm security verify governance/6.2.1
version/ibm security verify governance/6.2.2
version/ibm security verify governance/6.3.0
version/ibm security verify governance/6.3.1
package-manager/redhat