Open juliakaltenegger opened 4 years ago
Axios <= 0.18.0 causes high severity security alert (see CVE below). Version ^0.17.0 is specified as a dependency in @heml/elements.
^0.17.0
@heml/elements
https://github.com/SparkPost/heml/blob/78cd0d7f4829d1dd9642d07d1794abb48ea72a21/packages/heml-elements/package.json#L26
Security Alert: high severity
Vulnerable versions: <= 0.18.0 Patched version: 0.18.1
Axios up to and including 0.18.0 allows attackers to cause a denial of service (application crash) by continuing to accepting content after maxContentLength is exceeded.
CVE-2019-10742
Axios <= 0.18.0 causes high severity security alert (see CVE below). Version
^0.17.0
is specified as a dependency in@heml/elements
.https://github.com/SparkPost/heml/blob/78cd0d7f4829d1dd9642d07d1794abb48ea72a21/packages/heml-elements/package.json#L26
CVE
Security Alert: high severity
Vulnerable versions: <= 0.18.0 Patched version: 0.18.1
Axios up to and including 0.18.0 allows attackers to cause a denial of service (application crash) by continuing to accepting content after maxContentLength is exceeded.
CVE-2019-10742