NodeJS/axios/0.20.0-0


Promise based HTTP client for the browser and node.js

https://www.npmjs.com/package/axios
MIT

3 Security Vulnerabilities

Axios vulnerable to Server-Side Request Forgery

Published date: 2021-01-04T20:59:40Z
CVE: CVE-2020-28168
Links:

Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.

Affected versions: ["0.1.0", "0.2.0", "0.2.1", "0.2.2", "0.3.0", "0.3.1", "0.4.0", "0.4.1", "0.4.2", "0.5.0", "0.5.1", "0.5.2", "0.5.3", "0.5.4", "0.6.0", "0.7.0", "0.8.0", "0.8.1", "0.9.0", "0.9.1", "0.10.0", "0.11.0", "0.11.1", "0.12.0", "0.13.0", "0.13.1", "0.14.0", "0.15.0", "0.15.1", "0.15.2", "0.15.3", "0.16.0", "0.16.1", "0.16.2", "0.17.0", "0.17.1", "0.18.0", "0.19.0-beta.1", "0.19.0", "0.18.1", "0.19.1", "0.19.2", "0.20.0-0", "0.20.0", "0.21.0"]
Secure versions: [1.0.0-alpha.1, 1.6.0, 1.6.1, 1.6.2, 1.6.3, 1.6.4, 1.6.5, 1.6.6, 1.6.7, 0.28.0, 1.6.8]
Recommendation: Update to version 1.6.8.

axios Inefficient Regular Expression Complexity vulnerability

Published date: 2021-09-01T18:23:02Z
CVE: CVE-2021-3749
Links:

axios before v0.21.2 is vulnerable to Inefficient Regular Expression Complexity.

Affected versions: ["0.1.0", "0.2.0", "0.2.1", "0.2.2", "0.3.0", "0.3.1", "0.4.0", "0.4.1", "0.4.2", "0.5.0", "0.5.1", "0.5.2", "0.5.3", "0.5.4", "0.6.0", "0.7.0", "0.8.0", "0.8.1", "0.9.0", "0.9.1", "0.10.0", "0.11.0", "0.11.1", "0.12.0", "0.13.0", "0.13.1", "0.14.0", "0.15.0", "0.15.1", "0.15.2", "0.15.3", "0.16.0", "0.16.1", "0.16.2", "0.17.0", "0.17.1", "0.18.0", "0.19.0-beta.1", "0.19.0", "0.18.1", "0.19.1", "0.19.2", "0.20.0-0", "0.20.0", "0.21.0", "0.21.1"]
Secure versions: [1.0.0-alpha.1, 1.6.0, 1.6.1, 1.6.2, 1.6.3, 1.6.4, 1.6.5, 1.6.6, 1.6.7, 0.28.0, 1.6.8]
Recommendation: Update to version 1.6.8.

Axios Cross-Site Request Forgery Vulnerability

Published date: 2023-11-08T21:30:37Z
CVE: CVE-2023-45857
Links:

An issue discovered in Axios 0.8.1 through 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information.

Affected versions: ["0.8.1", "0.9.0", "0.9.1", "0.10.0", "0.11.0", "0.11.1", "0.12.0", "0.13.0", "0.13.1", "0.14.0", "0.15.0", "0.15.1", "0.15.2", "0.15.3", "0.16.0", "0.16.1", "0.16.2", "0.17.0", "0.17.1", "0.18.0", "0.19.0-beta.1", "0.19.0", "0.18.1", "0.19.1", "0.19.2", "0.20.0-0", "0.20.0", "0.21.0", "0.21.1", "0.21.2", "0.21.3", "0.21.4", "0.22.0", "0.23.0", "0.24.0", "0.25.0", "0.26.0", "0.26.1", "0.27.0", "0.27.1", "0.27.2", "1.0.0", "1.1.0", "1.1.1", "1.1.2", "1.1.3", "1.2.0-alpha.1", "1.2.0", "1.2.1", "1.2.2", "1.2.3", "1.2.4", "1.2.5", "1.2.6", "1.3.0", "1.3.1", "1.3.2", "1.3.3", "1.3.4", "1.3.5", "1.3.6", "1.4.0", "1.5.0", "1.5.1"]
Secure versions: [1.0.0-alpha.1, 1.6.0, 1.6.1, 1.6.2, 1.6.3, 1.6.4, 1.6.5, 1.6.6, 1.6.7, 0.28.0, 1.6.8]
Recommendation: Update to version 1.6.8.

92 Other Versions

Version License Security Released
1.6.8 MIT 2024-03-15 - 16:32 13 days
1.6.7 MIT 2024-01-25 - 19:58 2 months
1.6.6 MIT 2024-01-24 - 23:12 2 months
1.6.5 MIT 2024-01-05 - 19:52 3 months
1.6.4 MIT 2024-01-03 - 22:10 3 months
1.6.3 MIT 2023-12-26 - 23:16 3 months
1.6.2 MIT 2023-11-14 - 20:36 4 months
1.6.1 MIT 2023-11-08 - 15:09 5 months
1.6.0 MIT 2023-10-26 - 21:15 5 months
1.5.1 MIT 1 2023-09-26 - 18:22 6 months
1.5.0 MIT 1 2023-08-26 - 19:10 7 months
1.4.0 MIT 1 2023-04-27 - 23:05 11 months
1.3.6 MIT 1 2023-04-19 - 19:38 11 months
1.3.5 MIT 1 2023-04-05 - 18:03 12 months
1.3.4 MIT 1 2023-02-22 - 21:06 about 1 year
1.3.3 MIT 1 2023-02-13 - 18:47 about 1 year
1.3.2 MIT 1 2023-02-03 - 18:10 about 1 year
1.3.1 MIT 1 2023-02-01 - 23:31 about 1 year
1.3.0 MIT 1 2023-01-31 - 16:55 about 1 year
1.2.6 MIT 1 2023-01-28 - 16:41 about 1 year
1.2.5 MIT 1 2023-01-26 - 15:06 about 1 year
1.2.4 MIT 1 2023-01-24 - 17:21 about 1 year
1.2.3 MIT 1 2023-01-17 - 17:56 about 1 year
1.2.2 MIT 1 2022-12-29 - 06:38 about 1 year
1.2.1 MIT 1 2022-12-05 - 19:39 over 1 year
1.2.0 MIT 1 2022-11-22 - 19:06 over 1 year
1.2.0-alpha.1 MIT 1 2022-11-10 - 19:06 over 1 year
1.1.3 MIT 1 2022-10-15 - 13:42 over 1 year
1.1.2 MIT 1 2022-10-07 - 10:14 over 1 year
1.1.1 MIT 1 2022-10-07 - 09:15 over 1 year
1.1.0 MIT 1 2022-10-06 - 19:19 over 1 year
1.0.0 MIT 1 2022-10-04 - 19:24 over 1 year
1.0.0-alpha.1 MIT 2022-05-31 - 19:23 almost 2 years
0.28.0 MIT 2024-02-12 - 18:38 about 1 month
0.27.2 MIT 1 2022-04-27 - 10:00 almost 2 years
0.27.1 MIT 1 2022-04-26 - 07:36 almost 2 years
0.27.0 MIT 1 2022-04-25 - 16:42 almost 2 years
0.26.1 MIT 1 2022-03-09 - 17:13 about 2 years
0.26.0 MIT 1 2022-02-13 - 14:22 about 2 years
0.25.0 MIT 1 2022-01-18 - 07:14 about 2 years
0.24.0 MIT 1 2021-10-25 - 17:51 over 2 years
0.23.0 MIT 1 2021-10-12 - 15:37 over 2 years
0.22.0 MIT 1 2021-10-01 - 05:54 over 2 years
0.21.4 MIT 1 2021-09-06 - 15:35 over 2 years
0.21.3 MIT 1 2021-09-04 - 19:05 over 2 years
0.21.2 MIT 1 2021-09-04 - 10:18 over 2 years
0.21.1 MIT 2 2020-12-22 - 04:20 over 3 years
0.21.0 MIT 3 2020-10-23 - 16:27 over 3 years
0.20.0 MIT 3 2020-08-21 - 03:12 over 3 years
0.20.0-0 MIT 3 2020-07-15 - 16:07 over 3 years
0.19.2 MIT 3 2020-01-22 - 04:25 about 4 years
0.19.1 MIT 3 2020-01-07 - 17:23 about 4 years
0.19.0 MIT 3 2019-05-30 - 16:13 almost 5 years
0.19.0-beta.1 MIT 3 2018-08-09 - 18:44 over 5 years
0.18.1 MIT 3 2019-06-01 - 00:46 almost 5 years
0.18.0 MIT 4 2018-02-19 - 23:28 about 6 years
0.17.1 MIT 4 2017-11-11 - 23:24 over 6 years
0.17.0 MIT 4 2017-10-21 - 18:01 over 6 years
0.16.2 MIT 4 2017-06-03 - 19:29 almost 7 years
0.16.1 MIT 4 2017-04-08 - 18:51 almost 7 years
0.16.0 MIT 4 2017-04-01 - 02:31 almost 7 years
0.15.3 MIT 4 2016-11-27 - 21:59 over 7 years
0.15.2 MIT 4 2016-10-18 - 01:33 over 7 years
0.15.1 MIT 4 2016-10-15 - 06:39 over 7 years
0.15.0 MIT 4 2016-10-11 - 04:40 over 7 years
0.14.0 MIT 4 2016-08-27 - 18:30 over 7 years
0.13.1 MIT 4 2016-07-16 - 17:13 over 7 years
0.13.0 MIT 4 2016-07-13 - 19:42 over 7 years
0.12.0 MIT 4 2016-06-01 - 05:22 almost 8 years
0.11.1 MIT 4 2016-05-17 - 15:59 almost 8 years
0.11.0 MIT 4 2016-04-27 - 04:19 almost 8 years
0.10.0 MIT 4 2016-04-21 - 04:52 almost 8 years
0.9.1 MIT 4 2016-01-24 - 22:19 about 8 years
0.9.0 MIT 4 2016-01-18 - 18:19 about 8 years
0.8.1 MIT 4 2015-12-15 - 03:44 over 8 years
0.8.0 MIT 3 2015-12-11 - 19:09 over 8 years
0.7.0 MIT 3 2015-09-29 - 06:36 over 8 years
0.6.0 MIT 3 2015-09-21 - 20:20 over 8 years
0.5.4 MIT 3 2015-04-08 - 18:49 almost 9 years
0.5.3 MIT 3 2015-04-08 - 03:01 almost 9 years
0.5.2 MIT 3 2015-03-13 - 23:14 about 9 years
0.5.1 MIT 3 2015-03-10 - 20:47 about 9 years
0.5.0 MIT 3 2015-01-23 - 10:15 about 9 years
0.4.2 MIT 3 2014-12-11 - 07:14 over 9 years
0.4.1 MIT 3 2014-10-15 - 18:19 over 9 years
0.4.0 MIT 3 2014-10-05 - 23:55 over 9 years
0.3.1 MIT 3 2014-09-17 - 00:31 over 9 years
0.3.0 MIT 3 2014-09-16 - 18:20 over 9 years
0.2.2 MIT 3 2014-09-15 - 03:30 over 9 years
0.2.1 MIT 3 2014-09-12 - 22:57 over 9 years
0.2.0 MIT 3 2014-09-12 - 20:06 over 9 years
0.1.0 MIT 3 2014-08-29 - 23:08 over 9 years