org.webjars.bowergithub.axios:axios@0.18.0 vulnerabilities
-
latest version
1.5.0
-
first published
6 years ago
-
latest version published
a year ago
-
licenses detected
- [0.17.1,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.webjars.bowergithub.axios:axios package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.webjars.bowergithub.axios:axios is a promise-based HTTP client for the browser and Node.js. Affected versions of this package are vulnerable to Prototype Pollution via the How to fix Prototype Pollution? A fix was pushed into the |
[0,)
|
org.webjars.bowergithub.axios:axios is a promise-based HTTP client for the browser and Node.js. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). An attacker can deplete system resources by providing a manipulated string as input to the format method, causing the regular expression to exhibit a time complexity of How to fix Regular Expression Denial of Service (ReDoS)? There is no fixed version for |
[0,)
|
org.webjars.bowergithub.axios:axios is a promise-based HTTP client for the browser and Node.js. Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) due to inserting the How to fix Cross-site Request Forgery (CSRF)? A fix was pushed into the |
[0,)
|
org.webjars.bowergithub.axios:axios is a promise-based HTTP client for the browser and Node.js. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the How to fix Regular Expression Denial of Service (ReDoS)? Upgrade |
[,1.3.2)
|
org.webjars.bowergithub.axios:axios is a promise-based HTTP client for the browser and Node.js. Affected versions of this package are vulnerable to Server-Side Request Forgery (SSRF). An attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address. How to fix Server-Side Request Forgery (SSRF)? Upgrade |
[0,0.21.1)
|
org.webjars.bowergithub.axios:axios is a promise-based HTTP client for the browser and Node.js. Affected versions of this package are vulnerable to Denial of Service (DoS) due to content continuing to be accepted from requests after How to fix Denial of Service (DoS)? Upgrade |
[,0.19.2)
|