Project

General

Profile

Actions
Copy link

Bug #26933

closed

update axios npm package due to CVE

Added by Ohad Levy over 5 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Ohad Levy
Category:
JavaScript stack
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
https://github.com/theforeman/foreman/pull/6816
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

CVE-2019-10742 More information
high severity
Vulnerable versions: <= 0.18.0
Patched version: 0.19.0
Axios up to and including 0.18.0 allows attackers to cause a denial of service (application crash) by continuing to accepting content after maxContentLength is exceeded.

Actions
Copy link
 #1

Updated by The Foreman Bot over 5 years ago

  • Status changed from New to Ready For Testing
  • Assignee set to Ohad Levy
  • Pull request https://github.com/theforeman/foreman/pull/6816 added
Actions
Copy link
 #2

Updated by Ohad Levy over 5 years ago

  • Status changed from Ready For Testing to Closed
Actions
Copy link

Also available in: Atom PDF