Axios 安全漏洞

Axios is an open-source HTTP client developed by Axios. Versions of Axios from 1.0.0 to 1.16.0 had security vulnerabilities. These vulnerabilities were caused by prototype pollution attacks, which could lead to the Object.prototype in the application dependency tree being polluted, resulting in...

Axios 安全漏洞

Axios is an open-source HTTP client developed by Axios. Versions prior to 0.32.0 and 1.16.0 of Axios contain security vulnerabilities. These vulnerabilities stem from two prototype pollution tools that may cause upstream dependencies to pollute Object.prototype, allowing Axios to silently use the...

Security Bulletin:IBM Watson Discovery Cartridge affected by vulnerabilities in axios-1.12.2.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerabilities in axios-1.12.2.tgz Vulnerability Details CVEID:CVE-2026-42033 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, when Object.prototype has been polluted by any co-dependency...

Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by multiple axios vulnerabilities (CVE-2026-42033 through CVE-2026-42044).

Summary Multiple vulnerabilities in the axios HTTP client library CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042, CVE-2026-42043, CVE-2026-42044 used by IBM InfoSphere Optim Archive...

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerabilities in axios-1.12.2.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerabilities in axios-1.12.2.tgz Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.31.0, Axios does not correctly handle hostname normalization when...

PT-2026-44984

Name of the Vulnerable Software and Affected Versions axios versions prior to 0.32.0 axios versions prior to 1.16.0 Description Axios is a promise-based HTTP client for the browser and Node.js. The issue resides in the lib/helpers/shouldBypassProxy.js file and is caused by the failure to normaliz...

Security Bulletin: IBM z/TPF Development is affected by multiple vulnerabilities reported in the axios package

Summary Multiple vulnerabilities were identified in the open-source package axios version 1.15.0, which provides the HTTPS/HTTP client used by the extension. Fixes for these vulnerabilities were made available in axios version 1.15.2. Vulnerability Details CVEID:CVE-2026-42033 DESCRIPTION: Axios ...

Security Bulletin: IBM Quantum Safe Explorer is affected by multiple vulnerabilites

Summary The vulnerabilities were found in dependent open source libraries used within IBM Quantum Safe Explorer code base. These issues have been addressed by updating the versions of affected libraries. Vulnerability Details CVEID:CVE-2026-42033 DESCRIPTION: Axios is a promise based HTTP client...

Security Bulletin: SPSS Collaboration and Deployment Services is affected by multiple vulnerabilities in axios

Summary SPSS Collaboration and Deployment Services is affected by multiple vulnerabilities in axios CVE-2026-42264, CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042, CVE-2026-42043,...

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to axios

Summary IBM App Connect Enterprise runtime and IBM App Connect Enterprise Connector Discovery and OpenAPI Editor are vulnerable to multiple vulnerabilities due to axios. Vulnerability Details CVEID:CVE-2026-42033 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Prior...

Axios 安全漏洞

Axios is an open-source HTTP client developed by Axios. Versions prior to Axios 1.15.1 and 0.31.1 contain security vulnerabilities. These vulnerabilities arise when maxRedirects is set to 0, allowing for bypassing of the maxBodyLength field in stream requests, resulting in the complete transmissi...

Axios 安全漏洞

Axios is an open-source HTTP client developed by Axios. Versions prior to Axios 1.15.1 and 0.31.1 contain security vulnerabilities. These vulnerabilities arise when Object.prototype is compromised, allowing attackers to silently intercept and modify each JSON response, or completely hijack the...

Axios 代码问题漏洞

Axios is an open-source HTTP client developed by Axios. Versions of Axios prior to 1.15.1 and 0.31.1 have code vulnerabilities. These vulnerabilities stem from incomplete fixes for noproxy hostname normalization, allowing requests to 127.0.0.1 and ::1 to still be routed through a proxy...

Axios 安全漏洞

Axios is an open-source HTTP client developed by Axios itself, based on Promise a solution for asynchronous programming. Versions of Axios prior to 1.13.2 contain security vulnerabilities; these vulnerabilities stem from state corruption and could potentially lead to process crashes...

Axios 代码问题漏洞

Axios is an open-source HTTP client developed by Axios. Versions of Axios prior to 1.13.5 had code vulnerabilities. These vulnerabilities stemmed from a crash that occurred when the mergeConfig function processed configuration objects containing the proto attribute, which could lead to a...

solspace/craft-freeform Exposed to Known Axios Vulnerabilities via Precompiled Assets

Summary The latest versions of both 4.x and 5.x are using Axios versions 1.7.5 and as such are subject to known vulnerabilities as per: https://security.snyk.io/package/npm/axios Details We've had this flagged up in a pen test, which indicates the issue stems from this script: /freeform/plugin.js...