CVE-2019-10742 (Medium) detected in axios-0.17.1.tgz #47

mend-bolt-for-github · 2019-05-09T23:18:13Z

CVE-2019-10742 - Medium Severity Vulnerability

Vulnerable Library - axios-0.17.1.tgz

Promise based HTTP client for the browser and node.js

Library home page: https://registry.npmjs.org/axios/-/axios-0.17.1.tgz

Path to dependency file: /SignIn-SignUp/package.json

Path to vulnerable library: /tmp/git/SignIn-SignUp/node_modules/axios/package.json

Dependency Hierarchy:

localtunnel-1.9.1.tgz (Root Library)
- ❌ axios-0.17.1.tgz (Vulnerable Library)

Found in HEAD commit: ded17e97eeafc2240b02cf0231efb5073700786d

Vulnerability Details

Axios up to and including 0.18.0 allows attackers to cause a denial of service (application crash) by continuing to accepting content after maxContentLength is exceeded.

Publish Date: 2019-05-07

URL: CVE-2019-10742

CVSS 2 Score Details (5.0)

Base Score Metrics not available

Step up your Open Source Security Game with WhiteSource here

mend-bolt-for-github bot added the security vulnerability Security vulnerability detected by WhiteSource label May 9, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2019-10742 (Medium) detected in axios-0.17.1.tgz #47

CVE-2019-10742 (Medium) detected in axios-0.17.1.tgz #47

mend-bolt-for-github bot commented May 9, 2019

CVE-2019-10742 (Medium) detected in axios-0.17.1.tgz #47

CVE-2019-10742 (Medium) detected in axios-0.17.1.tgz #47

Comments

mend-bolt-for-github bot commented May 9, 2019

CVE-2019-10742 - Medium Severity Vulnerability