Labs64 / laravel-boilerplate

Laravel Boilerplate / Starter Kit with Gentelella Admin Theme
https://github.com/Labs64/laravel-boilerplate/wiki
MIT License
917 stars 328 forks

Known vulnerability found - CVE-2019-10742 (high severity) #51

Closed r-brown closed 5 years ago

r-brown commented 5 years ago

CVE-2019-10742

Vulnerable versions: <= 0.18.0
Patched version: No fix

Axios up to and including 0.18.0 allows attackers to cause a denial of service (application crash) by continuing to accept content after maxContentLength is exceeded.
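
The failure mode quoted above, as an added example that is not part of this issue thread and is not Axios code: a simplified synchronous model contrasting a reader that only records that `maxContentLength` was exceeded with one that stops consuming. The names `makeSource`, `readFlagOnly` and `readWithAbort` and all sizes are assumptions made for illustration.

```javascript
// Constructed sample source: yields `total` bytes in `chunkSize` pieces and
// records how much the consumer pulled and whether the source was closed.
function makeSource(total, chunkSize) {
  const stats = { bytesPulled: 0, closed: false };
  function* chunks() {
    try {
      for (let sent = 0; sent < total; sent += chunkSize) {
        const chunk = Buffer.alloc(Math.min(chunkSize, total - sent));
        stats.bytesPulled += chunk.length;
        yield chunk;
      }
    } finally {
      stats.closed = true; // also runs when the consumer stops early
    }
  }
  return { chunks: chunks(), stats };
}

// Flawed pattern: the limit is detected, but reading and buffering continue.
function readFlagOnly(chunks, maxContentLength) {
  let buffered = 0;
  let error = null;
  for (const chunk of chunks) {
    buffered += chunk.length; // stands in for pushing onto a response buffer
    if (buffered > maxContentLength && !error) {
      error = new Error(`response exceeded ${maxContentLength} bytes`);
    }
  }
  return { error, buffered };
}

// Hardened pattern: stop consuming at the first chunk that crosses the limit.
function readWithAbort(chunks, maxContentLength) {
  let buffered = 0;
  for (const chunk of chunks) {
    if (buffered + chunk.length > maxContentLength) {
      // Returning from for...of calls the iterator's return(), closing the source.
      return { error: new Error(`response exceeded ${maxContentLength} bytes`), buffered };
    }
    buffered += chunk.length;
  }
  return { error: null, buffered };
}

const src = makeSource(1000000, 10000); // constructed 1 MB body, 10 kB chunks
console.log(readWithAbort(src.chunks, 50000).buffered, src.stats);
```

With the same constructed body, `readFlagOnly` reports the error but still holds the full 1,000,000 bytes, while `readWithAbort` pulls one chunk past the limit and closes the source.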

r-brown commented 5 years ago

Other alerts as of 05.06.2019 ( Source: https://github.com/Labs64/laravel-boilerplate/network/alerts )

image
v-rudkovskiy commented 5 years ago

Fixed in 1104fd1

r-brown commented 5 years ago

All other security alerts need to be resolved as well: https://github.com/Labs64/laravel-boilerplate/network/alerts

v-rudkovskiy commented 5 years ago

Link "https://github.com/Labs64/laravel-boilerplate/network/alerts" opens a 404 page.

r-brown commented 5 years ago

@v-rudkovskiy see screenshot above

UPD: granted access to the view