Lucene search
K

5 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/11 2:50 p.m.6 views

Security Bulletin: IBM Maximo Scheduler Optimizer uses axios-1.13.5.tgz which is vulnerable to CVE-2025-62718

Summary IBM Maximo Scheduler Optimizer uses axios-1.13.5.tgz which is vulnerable to CVE-2025-62718. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios is a promise based HTTP client for the browser and...

9.9CVSS6.5AI score0.01186EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/06 7:45 a.m.9 views

Security Bulletin: IBM Edge Data Collector uses axios-1.13.6.tgz which is vulnerable to CVE-2025-62718.

Summary IBM Edge Data Collector uses axios-1.13.6.tgz which is vulnerable to CVE-2025-62718. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 a...

9.9CVSS6.1AI score0.01186EPSS
Exploits1Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/05 12:20 a.m.13 views

Axios: Incomplete Fix for CVE-2025-62718 — NO_PROXY Protection Bypassed via RFC 1122 Loopback Subnet (127.0.0.0/8) in Axios 1.15.0

Executive Summary This report documents an incomplete security patch for the previously disclosed vulnerability GHSA-3p68-rc4w-qgx5 CVE-2025-62718, which affects the NOPROXY hostname resolution logic in the Axios HTTP library. Background — The Original Vulnerability The original vulnerability...

10CVSS6.3AI score0.01186EPSS
Exploits2References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.6 views

PT-2026-35052

Name of the Vulnerable Software and Affected Versions Axios versions prior to 1.15.1 Axios versions prior to 0.31.1 Description An attacker capable of influencing the target URL of a request can bypass the NO PROXY protection by using any address in the 127.0.0.0/8 range, excluding 127.0.0.1...

10CVSS5.2AI score0.00661EPSS
Exploits1References254
vulnersOsv
vulnersOsv
added 2026/04/09 5:32 p.m.6 views

0xpay-cc-sdk (>=0.0.8 <=0.1.0), 1inch-agent-kit (=1.0.53) +6110 more potentially affected by CVE-2025-62718 via axios (>=1.0.0 <=1.14.0)

axios NPM version =1.0.0, =0.0.8, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.2-beta.0, =8.0.5, =6.1.0, =0.0.1-alpha.3, =0.1.6-alpha.11, =1.0.3-rc.0, =2.1.0 - @1tokenfe/hd-ble-sdk =1.1.15 - @1tokenfe/hd-common-connect-sdk =1.1.15 and more Source cves: CVE-2025-62718 Source advisory: OSV:GHSA-3P68-RC4W-Q...

9.9CVSS6.7AI score0.01186EPSS
Exploits1
Rows per page
Query Builder