The qs module for Node.js is a querystring parser that supports nesting and arrays with a depth limit. The following packages have been upgraded to a later upstream version: rh-nodejs6-nodejs-qs . Security Fix: * It was found that ljharb"s qs module for Node.js did not properly parse query strings. An attacker could send a specially crafted query that overwrites the resulting object"s prototype properties , resulting in a denial of service when the overwritten function would be executed