Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/41716?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/41716?format=api", "purl": "pkg:npm/axios@0.32.0", "type": "npm", "namespace": "", "name": "axios", "version": "0.32.0", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1.0.0-alpha.1", "latest_non_vulnerable_version": "1.16.0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/213170?format=api", "vulnerability_id": "VCID-7ayb-d1sc-kqhn", "summary": "Axios: Proxy-Authorization Credential Leak to Origin Server Across HTTP-to-HTTPS Redirect in Axios Node.js HTTP Adapter", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44487.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44487.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-44487", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.13356", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-44487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44487" }, { "reference_url": "https://github.com/axios/axios", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/axios/axios" }, { "reference_url": "https://github.com/axios/axios/releases/tag/v0.32.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/axios/axios/releases/tag/v0.32.0" }, { "reference_url": "https://github.com/axios/axios/releases/tag/v1.16.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/axios/axios/releases/tag/v1.16.0" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44487", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44487" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487948", "reference_id": "2487948", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487948" }, { "reference_url": "https://github.com/advisories/GHSA-p92q-9vqr-4j8v", "reference_id": "GHSA-p92q-9vqr-4j8v", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p92q-9vqr-4j8v" }, { "reference_url": "https://github.com/axios/axios/security/advisories/GHSA-p92q-9vqr-4j8v", "reference_id": "GHSA-p92q-9vqr-4j8v", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-11T18:17:25Z/" } ], "url": "https://github.com/axios/axios/security/advisories/GHSA-p92q-9vqr-4j8v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41716?format=api", "purl": "pkg:npm/axios@0.32.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.32.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/41714?format=api", "purl": "pkg:npm/axios@1.16.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.16.0" } ], "aliases": [ "CVE-2026-44487", "GHSA-p92q-9vqr-4j8v" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7ayb-d1sc-kqhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/213079?format=api", "vulnerability_id": "VCID-bwhx-3sqd-sbdt", "summary": "axios's shouldBypassProxy does not recognize IPv4-mapped IPv6 addresses, allowing NO_PROXY bypass (incomplete fix for CVE-2025-62718)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44492.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44492.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-44492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09723", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-44492" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44492", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44492" }, { "reference_url": "https://github.com/axios/axios", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/axios/axios" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487938", "reference_id": "2487938", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487938" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718", "reference_id": "CVE-2025-62718", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718" }, { "reference_url": "https://github.com/advisories/GHSA-pjwm-pj3p-43mv", "reference_id": "GHSA-pjwm-pj3p-43mv", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pjwm-pj3p-43mv" }, { "reference_url": "https://github.com/axios/axios/security/advisories/GHSA-pjwm-pj3p-43mv", "reference_id": "GHSA-pjwm-pj3p-43mv", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-06-13T02:10:20Z/" } ], "url": "https://github.com/axios/axios/security/advisories/GHSA-pjwm-pj3p-43mv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41716?format=api", "purl": "pkg:npm/axios@0.32.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.32.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/41714?format=api", "purl": "pkg:npm/axios@1.16.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.16.0" } ], "aliases": [ "CVE-2026-44492", "GHSA-pjwm-pj3p-43mv" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bwhx-3sqd-sbdt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/213078?format=api", "vulnerability_id": "VCID-mxxd-29jn-n3hz", "summary": "axios has DoS & Header Injection via Prototype Pollution Read-Side Gadgets in axios merge functions", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44490.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44490.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-44490", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.13222", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-44490" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44490", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44490" }, { "reference_url": "https://github.com/axios/axios", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/axios/axios" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44490", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44490" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487941", "reference_id": "2487941", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487941" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16487", "reference_id": "CVE-2018-16487", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16487" }, { "reference_url": "https://github.com/advisories/GHSA-898c-q2cr-xwhg", "reference_id": "GHSA-898c-q2cr-xwhg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-898c-q2cr-xwhg" }, { "reference_url": "https://github.com/axios/axios/security/advisories/GHSA-898c-q2cr-xwhg", "reference_id": "GHSA-898c-q2cr-xwhg", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-06-11T17:22:28Z/" } ], "url": "https://github.com/axios/axios/security/advisories/GHSA-898c-q2cr-xwhg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41716?format=api", "purl": "pkg:npm/axios@0.32.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.32.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/41714?format=api", "purl": "pkg:npm/axios@1.16.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.16.0" } ], "aliases": [ "CVE-2026-44490", "GHSA-898c-q2cr-xwhg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mxxd-29jn-n3hz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/213172?format=api", "vulnerability_id": "VCID-qzgk-6jrw-5bej", "summary": "Axios: Regular Expression Denial of Service (ReDoS) via Cookie Name Injection", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44496.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44496.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-44496", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12486", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-44496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44496" }, { "reference_url": "https://github.com/axios/axios", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/axios/axios" }, { "reference_url": "https://github.com/axios/axios/releases/tag/v0.32.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/axios/axios/releases/tag/v0.32.0" }, { "reference_url": "https://github.com/axios/axios/releases/tag/v1.16.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/axios/axios/releases/tag/v1.16.0" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487943", "reference_id": "2487943", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487943" }, { "reference_url": "https://github.com/advisories/GHSA-hfxv-24rg-xrqf", "reference_id": "GHSA-hfxv-24rg-xrqf", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hfxv-24rg-xrqf" }, { "reference_url": "https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf", "reference_id": "GHSA-hfxv-24rg-xrqf", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-06-11T17:21:54Z/" } ], "url": "https://github.com/axios/axios/security/advisories/GHSA-hfxv-24rg-xrqf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41716?format=api", "purl": "pkg:npm/axios@0.32.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.32.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/41714?format=api", "purl": "pkg:npm/axios@1.16.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.16.0" } ], "aliases": [ "CVE-2026-44496", "GHSA-hfxv-24rg-xrqf" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qzgk-6jrw-5bej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/213169?format=api", "vulnerability_id": "VCID-tqqm-t9ab-vfec", "summary": "Axios: Proxy-Authorization header leaks to redirect target when proxy is re-evaluated to direct connection", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44486.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44486.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-44486", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09455", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-44486" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44486", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44486" }, { "reference_url": "https://github.com/axios/axios", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/axios/axios" }, { "reference_url": "https://github.com/axios/axios/commit/afca61a070728e717203c2bc21e7b589b59b858b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/axios/axios/commit/afca61a070728e717203c2bc21e7b589b59b858b" }, { "reference_url": "https://github.com/axios/axios/pull/10794", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/axios/axios/pull/10794" }, { "reference_url": "https://github.com/axios/axios/releases/tag/v0.32.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/axios/axios/releases/tag/v0.32.0" }, { "reference_url": "https://github.com/axios/axios/releases/tag/v1.16.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/axios/axios/releases/tag/v1.16.0" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44486", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44486" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487947", "reference_id": "2487947", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487947" }, { "reference_url": "https://github.com/advisories/GHSA-j5f8-grm9-p9fc", "reference_id": "GHSA-j5f8-grm9-p9fc", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j5f8-grm9-p9fc" }, { "reference_url": "https://github.com/axios/axios/security/advisories/GHSA-j5f8-grm9-p9fc", "reference_id": "GHSA-j5f8-grm9-p9fc", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-06-13T02:14:03Z/" } ], "url": "https://github.com/axios/axios/security/advisories/GHSA-j5f8-grm9-p9fc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/41716?format=api", "purl": "pkg:npm/axios@0.32.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.32.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/41714?format=api", "purl": "pkg:npm/axios@1.16.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/axios@1.16.0" } ], "aliases": [ "CVE-2026-44486", "GHSA-j5f8-grm9-p9fc" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tqqm-t9ab-vfec" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/axios@0.32.0" }