Denial of Service in axios

2019-05-29T18:04:45
ID GHSA-42XW-2XVC-QX8M
Type github
Reporter GitHub Advisory Database
Modified 2020-08-31T18:39:11

Description

Versions of axios prior to 0.18.1 are vulnerable to Denial of Service. If a request exceeds the maxContentLength property, the package prints an error but does not stop the request. This may cause high CPU usage and lead to Denial of Service.

Recommendation

Upgrade to 0.18.1 or later.