This resolves issues described in SA-CORE-2019-003 for this module. Not all configurations are affected. See SA-CORE-2019-003 for details.
{ "constraint": "<1.6.0" }
"<1.6.0"
"https://github.com/DrupalSecurityTeam/drupal-advisory-database/blob/main/advisories/paragraphs/DRUPAL-CONTRIB-2019-023.json"