Vulnerability issue of an older axios version

[Balaji-Senthiappan]

Npm audit reported below

axios <=0.21.1
Severity: high
Incorrect Comparison in axios - GHSA-cph5-m8f7-6c5x
Server-Side Request Forgery in Axios - GHSA-4w2v-q235-vp99
No fix available

[kugesh-Rajasekaran]

Hi...

There are three vulnerabilities in total and all of them comes from the indian-stock-exchange dependency.
The core issue is that indian-stock-exchange uses older version of axios and that in turn uses the older vulnerable version of follow-redirects.

      indian-stock-exchange -> axios -> follow-redirects (vulnerable)

So, we have to update the axios package (which contains updated follow-redirects) in indian-stock-exchange .
But, it seems the package is not anymore active and the respective page is returning 404 error (https://github.com/kaushiknishchay/indian-stock-exchange)