VulnerableCode Package Details - pkg:npm/axios@1.16.0

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-51c7-v6tb-rydk	axios Vulnerable to Full Man-in-the-Middle via Prototype Pollution Gadget in `config.proxy`	CVE-2026-44494 GHSA-35jp-ww65-95wh
VCID-6zwg-zgr2-2qfw	Allocation of Resources Without Limits or Throttling in Axios	CVE-2026-44488 GHSA-777c-7fjr-54vf
VCID-7ayb-d1sc-kqhn	Axios: Proxy-Authorization Credential Leak to Origin Server Across HTTP-to-HTTPS Redirect in Axios Node.js HTTP Adapter	CVE-2026-44487 GHSA-p92q-9vqr-4j8v
VCID-8vwd-zh7x-d3dh	Axios has a Patch Bypass: Proxy-Authorization Header Injection via Prototype Pollution — Incomplete Null-Prototype Fix	CVE-2026-44489 GHSA-654m-c8p4-x5fp
VCID-bwhx-3sqd-sbdt	axios's shouldBypassProxy does not recognize IPv4-mapped IPv6 addresses, allowing NO_PROXY bypass (incomplete fix for CVE-2025-62718)	CVE-2026-44492 GHSA-pjwm-pj3p-43mv
VCID-mxxd-29jn-n3hz	axios has DoS & Header Injection via Prototype Pollution Read-Side Gadgets in axios merge functions	CVE-2026-44490 GHSA-898c-q2cr-xwhg
VCID-qzgk-6jrw-5bej	Axios: Regular Expression Denial of Service (ReDoS) via Cookie Name Injection	CVE-2026-44496 GHSA-hfxv-24rg-xrqf
VCID-tqqm-t9ab-vfec	Axios: Proxy-Authorization header leaks to redirect target when proxy is re-evaluated to direct connection	CVE-2026-44486 GHSA-j5f8-grm9-p9fc

Vulnerability

Summary

Aliases

VCID-51c7-v6tb-rydk

axios Vulnerable to Full Man-in-the-Middle via Prototype Pollution Gadget in `config.proxy`

CVE-2026-44494
GHSA-35jp-ww65-95wh

VCID-6zwg-zgr2-2qfw

Allocation of Resources Without Limits or Throttling in Axios

CVE-2026-44488
GHSA-777c-7fjr-54vf

VCID-7ayb-d1sc-kqhn

Axios: Proxy-Authorization Credential Leak to Origin Server Across HTTP-to-HTTPS Redirect in Axios Node.js HTTP Adapter

CVE-2026-44487
GHSA-p92q-9vqr-4j8v

VCID-8vwd-zh7x-d3dh

Axios has a Patch Bypass: Proxy-Authorization Header Injection via Prototype Pollution — Incomplete Null-Prototype Fix

CVE-2026-44489
GHSA-654m-c8p4-x5fp

VCID-bwhx-3sqd-sbdt

axios's shouldBypassProxy does not recognize IPv4-mapped IPv6 addresses, allowing NO_PROXY bypass (incomplete fix for CVE-2025-62718)

CVE-2026-44492
GHSA-pjwm-pj3p-43mv

VCID-mxxd-29jn-n3hz

axios has DoS & Header Injection via Prototype Pollution Read-Side Gadgets in axios merge functions

CVE-2026-44490
GHSA-898c-q2cr-xwhg

VCID-qzgk-6jrw-5bej

Axios: Regular Expression Denial of Service (ReDoS) via Cookie Name Injection

CVE-2026-44496
GHSA-hfxv-24rg-xrqf

VCID-tqqm-t9ab-vfec

Axios: Proxy-Authorization header leaks to redirect target when proxy is re-evaluated to direct connection

CVE-2026-44486
GHSA-j5f8-grm9-p9fc

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-12T07:52:06.611106+00:00	GithubOSV Importer	Fixing	VCID-8vwd-zh7x-d3dh	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/05/GHSA-654m-c8p4-x5fp/GHSA-654m-c8p4-x5fp.json	38.6.0
2026-06-12T07:51:58.707784+00:00	GithubOSV Importer	Fixing	VCID-bwhx-3sqd-sbdt	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/05/GHSA-pjwm-pj3p-43mv/GHSA-pjwm-pj3p-43mv.json	38.6.0
2026-06-12T07:51:51.370294+00:00	GithubOSV Importer	Fixing	VCID-51c7-v6tb-rydk	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/05/GHSA-35jp-ww65-95wh/GHSA-35jp-ww65-95wh.json	38.6.0
2026-06-12T07:51:17.796100+00:00	GithubOSV Importer	Fixing	VCID-mxxd-29jn-n3hz	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/05/GHSA-898c-q2cr-xwhg/GHSA-898c-q2cr-xwhg.json	38.6.0
2026-06-12T07:50:45.905150+00:00	GithubOSV Importer	Fixing	VCID-6zwg-zgr2-2qfw	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/06/GHSA-777c-7fjr-54vf/GHSA-777c-7fjr-54vf.json	38.6.0
2026-06-12T07:50:41.638768+00:00	GithubOSV Importer	Fixing	VCID-tqqm-t9ab-vfec	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/06/GHSA-j5f8-grm9-p9fc/GHSA-j5f8-grm9-p9fc.json	38.6.0
2026-06-12T07:50:39.365921+00:00	GithubOSV Importer	Fixing	VCID-qzgk-6jrw-5bej	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/06/GHSA-hfxv-24rg-xrqf/GHSA-hfxv-24rg-xrqf.json	38.6.0
2026-06-12T07:50:37.308294+00:00	GithubOSV Importer	Fixing	VCID-7ayb-d1sc-kqhn	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/06/GHSA-p92q-9vqr-4j8v/GHSA-p92q-9vqr-4j8v.json	38.6.0
2026-06-11T20:38:58.299453+00:00	GHSA Importer	Fixing	VCID-qzgk-6jrw-5bej	https://github.com/advisories/GHSA-hfxv-24rg-xrqf	38.6.0
2026-06-11T20:38:58.261557+00:00	GHSA Importer	Fixing	VCID-6zwg-zgr2-2qfw	https://github.com/advisories/GHSA-777c-7fjr-54vf	38.6.0
2026-06-11T20:38:58.221988+00:00	GHSA Importer	Fixing	VCID-7ayb-d1sc-kqhn	https://github.com/advisories/GHSA-p92q-9vqr-4j8v	38.6.0
2026-06-11T20:38:58.184395+00:00	GHSA Importer	Fixing	VCID-tqqm-t9ab-vfec	https://github.com/advisories/GHSA-j5f8-grm9-p9fc	38.6.0
2026-06-11T20:38:54.827099+00:00	GHSA Importer	Fixing	VCID-51c7-v6tb-rydk	https://github.com/advisories/GHSA-35jp-ww65-95wh	38.6.0
2026-06-11T20:38:54.809090+00:00	GHSA Importer	Fixing	VCID-bwhx-3sqd-sbdt	https://github.com/advisories/GHSA-pjwm-pj3p-43mv	38.6.0
2026-06-11T20:38:54.776947+00:00	GHSA Importer	Fixing	VCID-mxxd-29jn-n3hz	https://github.com/advisories/GHSA-898c-q2cr-xwhg	38.6.0
2026-06-11T20:38:54.743334+00:00	GHSA Importer	Fixing	VCID-8vwd-zh7x-d3dh	https://github.com/advisories/GHSA-654m-c8p4-x5fp	38.6.0