Lucene search

K

Axios Security Vulnerabilities

cve
cve

CVE-2023-45857

An issue discovered in Axios 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive...

6.5CVSS

6.1AI Score

0.001EPSS

2023-11-08 09:15 PM
106
cve
cve

CVE-2019-25068

A vulnerability classified as critical was found in Axios Italia Axios RE 1.7.0/7.0.0. This vulnerability affects unknown code of the file REDefault.aspx of the component Connection Handler. The manipulation of the argument DBIDX leads to privilege escalation. The attack can be initiated...

8.8CVSS

8.7AI Score

0.001EPSS

2022-06-09 05:15 PM
21
12
cve
cve

CVE-2019-25069

A vulnerability, which was classified as problematic, has been found in Axios Italia Axios RE 1.7.0/7.0.0. This issue affects some unknown processing of the component Error Message Handler. The manipulation leads to information disclosure (ASP.NET). The attack may be initiated...

7.5CVSS

7.3AI Score

0.001EPSS

2022-06-09 05:15 PM
23
12
cve
cve

CVE-2021-3749

axios is vulnerable to Inefficient Regular Expression...

7.5CVSS

7.3AI Score

0.019EPSS

2021-08-31 11:15 AM
211
6
cve
cve

CVE-2020-28168

Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP...

5.9CVSS

5.8AI Score

0.003EPSS

2020-11-06 08:15 PM
115
11
cve
cve

CVE-2019-10742

Axios up to and including 0.18.0 allows attackers to cause a denial of service (application crash) by continuing to accepting content after maxContentLength is...

7.5CVSS

7.2AI Score

0.003EPSS

2019-05-07 07:29 PM
70
3