Lucene search
K

4641 matches found

Atlassian
Atlassian
added 2025/12/09 11:31 p.m.14 views

SSRF (Server Side Request Forgery) axios Dependency in Jira Software Data Center and Server

This High severity SSRF Server Side Request Forgery vulnerability known as CVE-2025-27152 was introduced in 10.3.0 of Jira Software Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P allows a...

8.7CVSS6.3AI score0.00759EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/02 2:51 p.m.12 views

Security Bulletin: Multiple vulnerabilities in IBM QRadar Use Case Manager app

Summary Multiple vulnerabilities were addressed in IBM QRadar Use Case Manager app version 4.1.0 Vulnerability Details CVEID:CVE-2025-58754 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. When Axios prior to versions 0.30.2 and 1.12.0 runs on Node.js and is given a...

9.4CVSS5.5AI score0.02278EPSS
Exploits5Affected Software1
CNNVD
CNNVD
added 2025/12/02 12:0 a.m.3 views

Axios Systems Assyst 安全漏洞

Axios Systems Assyst is an off-the-shelf application from Axios Systems, UK, for managing IT services without the complexity and overhead associated with ITSM platforms such as ServiceNow and BMC Remedy. Axios Systems Assyst has a security vulnerability that stems from a specially crafted dict ke...

9.8CVSS7.2AI score0.00373EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/01 5:48 p.m.6 views

Security Bulletin: IBM Edge Data Collector uses axios-1.11.0.tgz which is vulnerable to CVE-2025-58754.

Summary IBM Edge Data Collector uses axios-1.11.0.tgz which is vulnerable to CVE-2025-58754. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-58754 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Wh...

7.5CVSS6.5AI score0.01099EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/28 7:16 p.m.6 views

Security Bulletin: Astronomer with IBM is vulnerable to unbounded memory allocation due to the axios package (CVE-2025-58754)

Summary Axios is used by Astronomer with IBM as part of the HTTP processing functionality. Vulnerability Details CVEID:CVE-2025-58754 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. When Axios prior to versions 0.30.2 and 1.12.0 runs on Node.js and is given a URL wi...

7.5CVSS6.4AI score0.01099EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/28 5:55 a.m.4 views

Security Bulletin: IBM Spectrum Control is vulnerable to weaknesses related to axios (CVE-2025-58754)

Summary axios is vulnerable to Denial of Service attacks. These vulnerabilities affect IBM Spectrum Control. Vulnerability Details CVEID:CVE-2025-58754 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. When Axios prior to versions 0.30.2 and 1.12.0 runs on Node.js and...

7.5CVSS6.6AI score0.01099EPSS
Exploits1Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:16 a.m.6 views

Malicious code in axios-cancelable (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7210c0ae0996b1026ba173fc3f0628154433a7a8ba971106d24dab744d6d28ec The package axios-cancelable was found to contain malicious code. Source: ghsa-malware 34b03d17fe2a4d83f67cbda737712693abb19fc4da135fab010adb7aeeb82d...

6.9AI score
Exploits0References4
EUVD
EUVD
added 2025/11/25 12:16 a.m.3 views

EUVD-2025-199373

Malicious code in axios-cancelable npm...

6.6AI score
Exploits0References3
OSV
OSV
added 2025/11/25 12:16 a.m.7 views

MAL-2025-191389 Malicious code in axios-cancelable (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7210c0ae0996b1026ba173fc3f0628154433a7a8ba971106d24dab744d6d28ec The package axios-cancelable was found to contain malicious code. Source: ghsa-malware 34b03d17fe2a4d83f67cbda737712693abb19fc4da135fab010adb7aeeb82d...

6.8AI score
Exploits0References4
EUVD
EUVD
added 2025/11/24 10:44 p.m.2 views

EUVD-2025-199187

Malicious code in axios-timed npm...

6.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 10:44 p.m.5 views

Malicious code in axios-timed (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ab662813496549443a6e93b09a2f5fe8268f47117b82805c40b631d7ed3d1f7 The package axios-timed was found to contain malicious code. Source: ghsa-malware 1ffd6b2c5ba321504c3373b543278ee5f5a0f3de43e0c7cca70793a90a7680a8 An...

6.9AI score
Exploits0References4
OSV
OSV
added 2025/11/24 10:44 p.m.1 views

MAL-2025-191068 Malicious code in axios-timed (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ab662813496549443a6e93b09a2f5fe8268f47117b82805c40b631d7ed3d1f7 The package axios-timed was found to contain malicious code. Source: ghsa-malware 1ffd6b2c5ba321504c3373b543278ee5f5a0f3de43e0c7cca70793a90a7680a8 An...

6.8AI score
Exploits0References4
Snyk
Snyk
added 2025/11/24 4:24 p.m.2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
vulnersOsv
vulnersOsv
added 2025/11/24 4:24 p.m.9 views

axios-basic-logger (=1.0.0), react-micromodal.js (=1.0.0) potentially affected by unknown CVE via pico-uid (=1.0.2)

pico-uid NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on pico-uid and may be impacted: - axios-basic-logger =1.0.0 - react-micromodal.js =1.0.0 Source cves: unknown CVE Source advisory: SNYK:JS-PICOUID-14103684...

5.8AI score
Exploits0
Snyk
Snyk
added 2025/11/24 4:24 p.m.3 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
Snyk
Snyk
added 2025/11/24 4:24 p.m.2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
vulnersOsv
vulnersOsv
added 2025/11/24 4:24 p.m.7 views

trust-my-travel (>=0.1.0 <=0.1.2), zapier-axios (>=0.1.4 <=0.1.8) potentially affected by unknown CVE via axios-timed (=1.0.0)

axios-timed NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on axios-timed and may be impacted: - trust-my-travel =0.1.0, =0.1.4, =0.1.8 Source cves: unknown CVE Source advisory: SNYK:JS-AXIOSTIMED-14103576...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 2:44 p.m.5 views

Malicious code in axios-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c726ee1f437e2d41e6315304248feeb9214b2418b2a9662d27e0adec579c454 The package axios-builder was found to contain malicious code. Source: ghsa-malware f8ff42a488c5cabfb90c3ab47735ddb22959b3dfe23243360ac54c4db3da54af...

6.9AI score
Exploits0References4
EUVD
EUVD
added 2025/11/24 2:44 p.m.2 views

EUVD-2025-198845

Malicious code in axios-builder npm...

6.6AI score
Exploits0References1
OSV
OSV
added 2025/11/24 2:44 p.m.2 views

MAL-2025-190832 Malicious code in axios-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c726ee1f437e2d41e6315304248feeb9214b2418b2a9662d27e0adec579c454 The package axios-builder was found to contain malicious code. Source: ghsa-malware f8ff42a488c5cabfb90c3ab47735ddb22959b3dfe23243360ac54c4db3da54af...

6.8AI score
Exploits0References4
Rows per page
Query Builder