CVE-2019-10742

Опубликовано: 07 мая 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Средний

Описание

Axios up to and including 0.18.0 allows attackers to cause a denial of service (application crash) by continuing to accepting content after maxContentLength is exceeded.

Ссылки

https://app.snyk.io/vuln/SNYK-JS-AXIOS-174505
Exploit
Patch
Third Party Advisory
https://github.com/axios/axios/issues/1098
Exploit
Third Party Advisory
https://github.com/axios/axios/pull/1485
Patch
Third Party Advisory
https://app.snyk.io/vuln/SNYK-JS-AXIOS-174505
Exploit
Patch
Third Party Advisory
https://github.com/axios/axios/issues/1098
Exploit
Third Party Advisory
https://github.com/axios/axios/pull/1485
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:axios:axios:*:*:*:*:*:node.js:*:*

Версия до 0.18.0 (включая)

EPSS

Процентиль: 94%

0.1374

Средний

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-755

Связанные уязвимости

CVE-2019-10742

CVSS3: 7.5

ubuntu

больше 6 лет назад

Axios up to and including 0.18.0 allows attackers to cause a denial of service (application crash) by continuing to accepting content after maxContentLength is exceeded.

CVE-2019-10742

CVSS3: 7.5

debian

больше 6 лет назад

Axios up to and including 0.18.0 allows attackers to cause a denial of ...

GHSA-42xw-2xvc-qx8m

CVSS3: 7.5

github

больше 6 лет назад

Denial of Service in axios

EPSS

Процентиль: 94%

0.1374

Средний

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-755