Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/axios@1.10.0
Typenpm
Namespace
Nameaxios
Version1.10.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version0.18.1
Latest_non_vulnerable_version1.16.0
Affected_by_vulnerabilities
0
url VCID-pp86-38fk-53b5
vulnerability_id VCID-pp86-38fk-53b5
summary 
Withdrawn Advisory: Axios has Transitive Critical Vulnerability via form-data
- **Vulnerability Type**: Predictable Value / HTTP Parameter Pollution
- **Risk**: Critical (CVSS 9.4)
- **Impacted Users**: Any application using axios@1.10.0 to submit multipart form-data


This could potentially allow attackers to:
- Interfere with multipart request parsing
- Inject unintended parameters
- Exploit backend deserialization logic depending on content boundaries
references
0
reference_url https://github.com/axios/axios
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios
1
reference_url https://github.com/axios/axios/issues/6969
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/issues/6969
2
reference_url https://github.com/axios/axios/pull/6970
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/pull/6970
3
reference_url https://security.snyk.io/vuln/SNYK-JS-FORMDATA-10841150
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.snyk.io/vuln/SNYK-JS-FORMDATA-10841150
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-54371
reference_id CVE-2025-54371
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-54371
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-7783
reference_id CVE-2025-7783
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-7783
6
reference_url https://github.com/advisories/GHSA-fjxv-7rqg-78g4
reference_id GHSA-fjxv-7rqg-78g4
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-fjxv-7rqg-78g4
7
reference_url https://github.com/advisories/GHSA-rm8p-cx58-hcvx
reference_id GHSA-rm8p-cx58-hcvx
reference_type
scores
url https://github.com/advisories/GHSA-rm8p-cx58-hcvx
8
reference_url https://github.com/axios/axios/security/advisories/GHSA-rm8p-cx58-hcvx
reference_id GHSA-rm8p-cx58-hcvx
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/axios/axios/security/advisories/GHSA-rm8p-cx58-hcvx
fixed_packages
0
url pkg:npm/axios@1.11.0
purl pkg:npm/axios@1.11.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.11.0
aliases CVE-2025-54371, GHSA-rm8p-cx58-hcvx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pp86-38fk-53b5
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/axios@1.10.0