Vulnerability	Vulnerable Version
H Access of Resource Using Incompatible Type ('Type Confusion') @builder.io/qwik-city is a The meta-framework for Qwik. Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type ('Type Confusion') in the `FormData` function when handling `application/x-www-form-urlencoded` or `multipart/form-data` requests. An attacker can cause server-side values to be altered in unexpected ways by submitting crafted form field names that mix array indices and object-property keys for the same path. This can result in runtime errors, increased server resource consumption, or type confusion in downstream code by manipulating the structure of parsed input. How to fix Access of Resource Using Incompatible Type ('Type Confusion')? Upgrade `@builder.io/qwik-city` to version 1.19.2 or higher.	<1.19.2

Access of Resource Using Incompatible Type ('Type Confusion')

@builder.io/qwik-city is a The meta-framework for Qwik.

Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type ('Type Confusion') in the FormData function when handling application/x-www-form-urlencoded or multipart/form-data requests. An attacker can cause server-side values to be altered in unexpected ways by submitting crafted form field names that mix array indices and object-property keys for the same path. This can result in runtime errors, increased server resource consumption, or type confusion in downstream code by manipulating the structure of parsed input.

How to fix Access of Resource Using Incompatible Type ('Type Confusion')?

Upgrade @builder.io/qwik-city to version 1.19.2 or higher.

<1.19.2

Go back to all versions of this package