Skip to content

CSRF in axios #303

New issue
New issue
Open
Open
CSRF in axios#303
@lamuertepeluda

Description

@lamuertepeluda
lamuertepeluda
opened on Mar 25, 2025

Hi there,

there is this problem GHSA-wf5p-g6vw-rhxx with the axios version in this library.

Could it be upgrade it to some of the latest versions?

# npm audit report

axios  <=1.8.1
Severity: high
Axios Cross-Site Request Forgery Vulnerability - https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL - https://github.com/advisories/GHSA-jr5f-v2jv-69x6
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/openapi-validator/node_modules/axios
  openapi-validator  >=0.14.2-alpha.0
  Depends on vulnerable versions of axios
  node_modules/openapi-validator

I can try to issue a PR if you like

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions