3 matches found
PT-2026-37116
Name of the Vulnerable Software and Affected Versions OpenTelemetry.Exporter.OneCollector versions prior to 1.15.1 Description When exporting telemetry to a back-end or collector over HTTP, the HttpJsonPostTransport class reads the entire response body into memory without an upper bound if the...
Axios 安全漏洞
Axios is an open-source HTTP client developed by Axios. Versions prior to Axios 1.15.1 and 0.31.1 contain security vulnerabilities. These vulnerabilities allow attackers to influence the target URL of Axios requests, enabling them to bypass the NOPROXY protection by using any address within the...
PT-2026-35050
Name of the Vulnerable Software and Affected Versions Axios versions prior to 1.15.1 Axios versions prior to 0.31.1 Description The library is susceptible to a Prototype Pollution Gadget attack. This occurs because the validateStatus configuration property utilizes the mergeDirectKeys merge...