CVE-2019-10742: Denial of Service

May 7, 2019 (updated May 8, 2019)

Axios allows attackers to cause a denial of service (application crash) by continuing to accepting content after maxContentLength is exceeded.

References

github.com/axios/axios/issues/1098
github.com/axios/axios/pull/1485
nvd.nist.gov/vuln/detail/CVE-2019-10742

Detect and mitigate CVE-2019-10742 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →