Bug #26933: update axios npm package due to CVE - Foreman

Actions

Copy link

Bug #26933

closed

update axios npm package due to CVE

Added by Ohad Levy over 5 years ago. Updated over 5 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Ohad Levy

Category:

JavaScript stack

Target version:

Difficulty:

Triaged:

Bugzilla link:

Pull request:

https://github.com/theforeman/foreman/pull/6816

Fixed in Releases:

Found in Releases:

Red Hat JIRA:

Description

CVE-2019-10742 More information
high severity
Vulnerable versions: <= 0.18.0
Patched version: 0.19.0
Axios up to and including 0.18.0 allows attackers to cause a denial of service (application crash) by continuing to accepting content after maxContentLength is exceeded.

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Custom queries

Bug #26933

update axios npm package due to CVE

Updated by The Foreman Bot over 5 years ago

Updated by Ohad Levy over 5 years ago